Microsoft discovered a serious vulnerability in the Google Chrome web browser, an out-of-bounds access in V8 (Chrome's JavaScript engine) that is tracked as CVE-2017-5121. The story of its discovery illustrates some of the problems web browsers face at a time when attacks delivered through the browser are a constant threat.
How Modern Sandboxing Security Methods Work
Most contemporary web browsers ship with several layers of technology to protect against malicious scripts and exploit code. One of the most widely used is sandboxing: a host program executes untrusted code or scripts inside a specially restricted environment, while carefully controlling the resources and privileges that code can reach.
Web servers use the same idea to isolate hosted sites from one another, development platforms use it to isolate build projects, and web browsers use it to confine the rendering of individual tabs and all other user-accessed content. Sandboxing is a sound defence against malware and intrusion, but it is a containment measure rather than a cure: code that gains execution inside a sandbox still has everything the sandboxed process itself holds, and depending on the design that can be a large subset of the user's resources.
The Google Chrome RCE Bug Case (CVE-2017-5121)
The Microsoft Offensive Security Research (OSR) team investigated the matter in depth, using Google Chrome as its case study. While examining how well the browser's sandboxing model holds up against a compromised renderer, they found a memory-safety bug in V8, the JavaScript engine that runs inside the renderer, which is now tracked as CVE-2017-5121.
Consequences of the Google Chrome RCE Bug (CVE-2017-5121)
Google Chrome is noteworthy for its multi-process execution model: the browser process owns the user interface, networking and storage; a separate GPU process handles graphics (including video playback); and web content is parsed and executed in sandboxed renderer processes with reduced privileges. While investigating the CVE-2017-5121 RCE bug, the Microsoft team showed that code execution inside the renderer alone, without any sandbox escape, already enables several dangerous scenarios:
- Attackers can steal saved passwords from any website by hijacking the PasswordAutofillAgent interface.
- Attackers can navigate to any website in the background without the user noticing, for example, by creating stealthy pop-unders. This is possible because many user-interaction checks happen in the renderer process, with no ability for the browser process to validate. The result is that something like ChromeContentRendererClient::AllowPopup can be hijacked such that no user interaction is required, and attackers can then hide the new windows. They can also keep opening new pop-unders whenever one is closed, for example, by hooking into the onbeforeunload window event.
The most dangerous lesson is that the renderer process itself handles the user's secrets. An attacker with code execution inside it can therefore harvest credentials and other sensitive data without ever leaving the sandbox, which makes identity theft and data extraction a realistic outcome of this bug.
How to Protect from the Google Chrome RCE Bug (CVE-2017-5121)
Microsoft reported the vulnerability to the Google security team, and Google fixed it in a Chrome stable update (build 61.0.3163.100, according to Google's Chrome Releases note of 21 September 2017). All users should make sure that update, or a later one, is in place. Chrome's built-in updater normally installs it automatically, but the new version only takes effect once the browser has been relaunched, so check the version in chrome://version rather than assuming.
We still recommend a quality anti-malware solution as a second layer. Bear in mind, though, that an in-renderer exploit such as this one steals data from inside the browser without necessarily dropping a file on disk, so an endpoint scanner is unlikely to stop the theft itself; keeping the browser patched is the primary defence. Where a similar exploit is used to install a persistent infection, a security program can remove it with only a few mouse clicks.
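As an added example (not code from the article, Microsoft or Google), the following JavaScript decides whether a reported Chrome build predates the fix for CVE-2017-5121. It assumes the fixed stable build is 61.0.3163.100, taken from Google's Chrome Releases note rather than from this page; the function names and the user-agent strings it is fed are constructed for illustration. The point it demonstrates is the comparison pitfall: the build number must be compared numerically component by component, because a string comparison ranks 61.0.3163.79 above 61.0.3163.100 and would wrongly declare an unpatched browser safe.

```javascript
// Added example, not from the original article. Assumption: the first Chrome
// stable build carrying the CVE-2017-5121 fix is 61.0.3163.100 (Google's
// stable channel release note of 21 September 2017).
const FIXED_BUILD = '61.0.3163.100';

// Extract a four-part Chrome version from either a full user-agent string
// (the "Chrome/61.0.3163.79" token) or a bare version such as the one shown
// on chrome://version. Returns an array of four integers, or null.
function parseChromeVersion(s) {
  const fromUa = /Chrome\/(\d+)\.(\d+)\.(\d+)\.(\d+)/.exec(s);
  const bare = /^\s*(\d+)\.(\d+)\.(\d+)\.(\d+)\s*$/.exec(s);
  const m = fromUa || bare;
  return m ? m.slice(1, 5).map(Number) : null;
}

// Numeric, component-wise comparison. A plain string comparison would put
// "61.0.3163.79" after "61.0.3163.100", which is exactly the wrong verdict.
function compareVersions(a, b) {
  for (let i = 0; i < 4; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Classify a user-agent string or bare version. EdgeHTML-based Edge carried a
// "Chrome/" token in its user agent without containing Chromium, so it is
// excluded; other Chromium-derived browsers are flagged on the same basis as
// Chrome, since they inherit the V8 bug until they rebase on a fixed build.
function checkCve20175121(uaOrVersion) {
  if (/\bEdge\/\d/.test(uaOrVersion)) {
    return { chrome: false, vulnerable: false, reason: 'EdgeHTML user agent, not Chromium' };
  }
  const v = parseChromeVersion(uaOrVersion);
  if (v === null) {
    return { chrome: false, vulnerable: false, reason: 'no Chrome version found' };
  }
  const behind = compareVersions(v, parseChromeVersion(FIXED_BUILD)) < 0;
  return {
    chrome: true,
    vulnerable: behind,
    version: v.join('.'),
    reason: behind ? `older than fixed build ${FIXED_BUILD}` : 'at or above fixed build',
  };
}

// Constructed sample inputs (not real telemetry).
const SAMPLES = [
  'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.79 Safari/537.36',
  '61.0.3163.100',
  'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36',
  'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0',
];

for (const s of SAMPLES) {
  const r = checkCve20175121(s);
  console.log(`${r.vulnerable ? 'VULNERABLE' : 'ok        '} ${r.version || '-'} (${r.reason})`);
}
```

The user agent is client-supplied, so this is a hygiene check for an internal portal or inventory script, not a security control; an attacker's browser can claim any version it likes. For a fleet audit, read the installed version from the endpoint (for example the output of `google-chrome --version` or the Chrome installation's version directory) and feed that string in instead.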