Security News > 2021 > February > Google Chrome, Microsoft IE Zero-Days in Crosshairs
Google late Thursday night shipped an emergency patch to close a Chrome browser vulnerability that was being used in mysterious zero-day attacks.
The Google Chrome patch, which is being pushed via the browser's automatic self-patching, covers a critical vulnerability in V8, Google's JavaScript and WebAssembly engine.
The patch release comes amidst reports that a Google Chrome zero-day exploit was being used in the North Korean government-backed attacks against numerous researchers and personalities scattered across the offensive and defensive security space.
Beyond a blog post with the initial warning from its TAG, Google has been quiet on the possible use of a Chrome zero-day was used in the North Korean social-engineering campaign and whether this latest patch provides cover for that vulnerability.
Adding fuel to the fire, South Korean security vendor ENKI has published a claim that a Microsoft Internet Explorer browser zero-day may also be linked to the North Korean campaign.
Microsoft has itself documented its own findings on the North Korean hacks against white-hat researchers, threat intel professionals and offensive security professionals but Microsoft does not mention the use of an Internet Explorer zero-day.
News URL
Related news
- Google Chrome gets real-time phishing protection later this month (source)
- Google fixes Chrome zero-days exploited at Pwn2Own 2024 (source)
- Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks (source)
- Google fixes one more Chrome zero-day exploited at Pwn2Own (source)
- Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks (source)
- Google Chrome: Security and UI Tips You Need to Know (source)
- Google Chrome's new post-quantum cryptography may break TLS connections (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- Google Introduces Enhanced Real-Time URL Protection for Chrome Users (source)
- Microsoft again bothers Chrome users with Bing popup ads in Windows (source)