A vulnerability has been discovered in Google Chrome running on Windows, Mac and Linux, which could allow for malicious code to be executed simply by visiting an infected website. Successful exploitation of this vulnerability could allow an attacker to execute code of their choice in the context of the browser. Depending on the privileges associated with the application, an attacker could view, change, or delete data. Exploitation of the vulnerability may have less impact if Chrome is running under a regular user account compared to one with administrative privileges (e.g. local admin). There are currently reports of this vulnerability being exploited in the wild.
Additional details:
• https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html
• https://www.cisecurity.org/advisory/a-vulnerability-in-google-chrome-could-allow-for-arbitrary-code-execution_2021-022/
• https://us-cert.cisa.gov/ncas/current-activity/2021/02/03/google-releases-security-updates-chrome
• Apply the latest stable channel update for Chrome available from Google immediately after appropriate testing.
• Avoid using the Chrome browser with accounts with administrator privileges to reduce potential impact.
• Remind users about good internet use practices, including not clicking on links from unverified sources or visiting untrusted websites.
• Indicators of compromise will be shared as soon as they’re available.
Lastly, to those who are leveraging our 24/7 Healthcare Security Operations Center (SOC) / SIEM, your network is being monitored and we will provide regular updates. To those who are not – please feel free to reach out to raheel.qureshi@isecurityconuslting.com or kees.pouw@isecurityconsulting.com and we will add you to our distribution list.
We will also provide updates to organizations we are servicing through our Incident Response Retainer.
Do not panic but stay safe and protected. We can always connect with you 1-on-1 to provide better guidance on how to gain better visibility into your controls, network, dark web, privileged user access protection and active threat hunting. The landscape around ransomware has evolved as the Healthcare sector is willing to pay ransom and malicious threat actors are now stronger than ever.
Please go ahead and share this with your peers.
For any other questions or concerns, please feel free to reach out to info@isecurityconsulting.com.
Best Regards,
The iSecurity Team
