Security News > 2021 > July > Google Details iOS, Chrome, IE Zero-Day Flaws Exploited Recently in the Wild

Google Details iOS, Chrome, IE Zero-Day Flaws Exploited Recently in the Wild
2021-07-15 05:45

Threat intelligence researchers from Google on Wednesday shed more light on four in-the-wild zero-days in Chrome, Safari, and Internet Explorer browsers that were exploited by malicious actors in different campaigns since the start of the year.

What's more, three of the four zero-days were engineered by commercial providers and sold to and used by government-backed actors, contributing to an uptick in real-world attacks.

Both Chrome zero-days - CVE-2021-21166 and CVE-2021-30551 - are believed to have been used by the same actor, and were delivered as one-time links sent via email to targets located in Armenia, with the links redirecting unsuspecting users to attacker-controlled domains that masqueraded as legitimate websites of interest to the recipients.

The malicious websites took charge of fingerprinting the devices, including collecting system information about the clients, before delivering a second-stage payload. When Google rolled out a patch for CVE-2021-30551, Shane Huntley, Director of Google's Threat Analysis Group, revealed that the vulnerability was leveraged by the same actor that abused CVE-2021-33742, an actively exploited remote code execution flaw in Windows MSHTML platform that was addressed by Microsoft as part of its Patch Tuesday update on June 8.

Google did not disclose the identities of the exploit broker or the two threat actors that used the vulnerabilities as part of their attacks.

Attacks leveraging CVE-2021-1879, which Google attributed to a "Likely Russian government-backed actor," were executed by means of sending malicious links to government officials over LinkedIn that, when clicked from an iOS device, redirected the user to a rogue domain that served the next-stage payloads.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/J51bCpFSyXc/google-details-ios-chrome-ie-zero-day.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-06-15 CVE-2021-30551 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
2021-06-08 CVE-2021-33742 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
Windows MSHTML Platform Remote Code Execution Vulnerability
0.0
2021-04-02 CVE-2021-1879 Cross-site Scripting vulnerability in Apple Watchos
This issue was addressed by improved management of object lifetimes.
network
low complexity
apple CWE-79
6.1
2021-03-09 CVE-2021-21166 Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 256 4320 4678 741 9995