China-based firm Qingteng Cloud Security, reported that threat actors weaponized the recently disclosed Chrome exploit to target WeChat users in China. According to the researchers, the attacks only targeted users of the WeChat Windows app. The security firm did not reveal which of the two PoC codes released last week were employed in the attacks.
Last week, two distinct researchers released exploit codes for two new Chromium zero-day remote code execution exploit affecting Google Chrome, Microsoft Edge, and likely other Chromium-based browsers.
The WeChat Windows client was impacted by the issues because it leverages the Chromium browser engine to manage links within the application.
Both remote code execution vulnerabilities disclosed last week could not escape Chromium’s sandbox, which means that attackers have chained them with a sandbox escape exploit to executing arbitrary code on the underlying system.
Anyway, as reported in a post by The Record, applications that don’t use a sandbox mechanism could expose the underlying OS to the risk of a hack.
Qingteng shared its findings with Tencent, the Chinese giant that developed WeChat, which updated the Chromium engine used by the application.
The good news is that both flaws have been already addressed by maintainers of the Chromium project and developers of major browsers are applying them.
Chrome has only fixed one of the flaws (CVE-2021-21220), while Microsoft Edge fixed both exploits.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, Chrome)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.