Google has just issued a warning towards its "circa three billion Chrome users" globally. The company confirmed brand new "high" level attacks directly on its browser.
28 Successful Chrome Attacks Found by Google
Google also announced in an official blog post that 28 different successful Chrome hacks have just been found. Nine of the 28 successful hacks are considered by Google to be "high" level threats.
According to the article by Forbes, the 28 different attacks directly affect Chrome across Windows, Linux, and Mac. In order for users to be able to protect themselves and give them time to upgrade, Google is now restricting information regarding the brand new exploits.
List of Different Chrome Attacks Across Windows
CVE-2022-0789 was reported by SeongHwan Park or SeHwa finding a "heap buffer overflow in ANGLE" on Jan 21, 2022.
CVE-2022-0790 was reported by Anonymous finding a "use after free in Cast UI" on November 26, 2021.
CVE-2022-0791 was reported by Zhihua Yao of KunLab finding a "use after free in Omnibox" on December 9, 2021.
CVE-2022-0792 was reported by Jaehun Jeong (@n3sk) finding a "use of bounds read in ANGLE" on January 11, 2022.
CVE-2022-0793 was reported by Thomas Orlita finding a "use after free in Views" on January 28, 2022.
CVE-2022-0794 was reported by Khalil Zhani finding a "use after free in WebShare" on February 4, 2022.
CVE-2022-0795 was reported by 0x74960 finding a "Type Confusion in Blink Layout" on December 27, 2021.
CVE-2022-0796 was reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd finding a "use after free in Media" on February 10, 2022.
CVE-2022-0797 was reported by Sergei Glazunov of Google Project Zero finding a "out of bounds memory access in Mojo" on December 21, 2021.
Hackers Are Building a Long-Term Pattern Through Using UAF Type of Exploits
Hackers are now continuing to establish a long-term pattern of using UAF or "Use-After-Free," as per Owasps.org, type of exploits. To add, five different successful high-level attacks now bring the Chrome UAF hacks total number all the way to 31 ever since the start back in 2022.
UAF vulnerabilities are said to exploit memory and happen when a particular program does not clear the pointer of the memory after they are freed. Interestingly enough, there is also just a "single High level Heap buffer overflow attack."
Read Also: Russian Space Agency Allegedly Shut Down by Anonymous: Director General Denies Claims
Heap Buffer Overflow Attack Ranked Second Most Prominent Avenue of Attack
The Heap buffer overflow attack has now been ranked the "second most prominent avenue of attack." The Heap buffer overflow is also publicly known as "Heap Smashing."
Should overflows happen, critical data structures will then be overwritten which would make it hacker's ideal target. The article by Forbes also notes that the good news is that the currently the "high" level attacks did not include any Zero-Day vulnerabilities that were being exploited by the latest hacks.
Related Article: NVIDIA Hackers Was Allegedly Hacked Back by NVIDIA: Data 'Un-Stolen?'
This article is owned by Tech Times
Written by Urian B.