Chrome 0day is being exploited now for CVE-2022-1096; update immediately

265 点作者 gargarplex大约 3 年前

22 条评论

It looks like this impacts all chromium-based browsers [0] which might not be obvious (was not for me anyway)[0] <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1096" rel="nofollow">https://msrc.microsoft.com/update-guide/vulnerability/CVE-20...</a>

ainar-g大约 3 年前

Looks like these are the two commits, based on the issue number:<a href="https://github.com/v8/v8/commit/0981e91a4f8692af337e2588562ad1504f4bffdc" rel="nofollow">https://github.com/v8/v8/commit/0981e91a4f8692af337e2588562a...</a><a href="https://github.com/v8/v8/commit/a2cae2180a7a6d64ccdede44d730c9fbba690fb7" rel="nofollow">https://github.com/v8/v8/commit/a2cae2180a7a6d64ccdede44d730...</a>Although there could be others.

评论 #30855313 未加载

评论 #30821759 未加载

评论 #30816956 未加载

tommiegannert大约 3 年前

Looks like 99.0.4844.84 is the release we want.<a href="https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html" rel="nofollow">https://chromereleases.googleblog.com/2022/03/stable-channel...</a>

评论 #30819229 未加载

评论 #30817266 未加载

评论 #30815996 未加载

_Nat_大约 3 年前

> Not much is known, at least publicly, at this stage about CVE-2022-1096 other than it is a "Type Confusion in V8." This refers to the JavaScript engine employed by Chrome.Is there a safer JavaScript engine folks can use without having to worry about this sorta thing? Even if it's slower, less compatible, more resource-intensive, etc.?I feel like, in most cases, I could make due with JavaScript being 10x or even 100x slower, taking up 10x the RAM, lacking some uncommon features, and so forth -- if it meant being able to enable it without needing to worry about new zero-days.

评论 #30815473 未加载

评论 #30815093 未加载

评论 #30815288 未加载

评论 #30814867 未加载

评论 #30815021 未加载

评论 #30815351 未加载

评论 #30816344 未加载

评论 #30815540 未加载

评论 #30815140 未加载

评论 #30830662 未加载

评论 #30815770 未加载

mdb31大约 3 年前

Chromium-based versions of Microsoft Edge are also vulnerable: updating to 99.0.1150.55 fixes this CVE

gruez大约 3 年前

Is there a site/service/mailing list that provides notifications for critical/RCE/in-the-wild exploit patches? Keeping every piece of software you run up-to-date takes a lot of work, and something like that would help with knowing what to prioritize.

评论 #30815276 未加载

评论 #30830636 未加载

评论 #30815854 未加载

fn-mote大约 3 年前

I use snap for some applications in spite of the trouble it has caused me. I was super-happy to find out that it had upgraded me to a not-vulnerable verson of chromium before I even knew to look.For all of the (deserved) hate snap gets, there are some shining up sides.

评论 #30815846 未加载

nathants大约 3 年前

securing a machine that is updated regularly and runs untrusted code is not realistic, monitoring network exfil is.an exploit that cannot communicate is likely benign and easy to detect in the attempt.monitor all outbound network connections with a gui prompt that defaults to deny. whitelist trusted domains/ip for a better experience and a bit less security.macos has littlesnitch[1], linux has opensnitch[2], or roll your own on libnetfilterqueue[3].bonus points if the filtering happens upstream at a router or wireguard host so a compromised machine cannot easily disable filtering.bonus points if the filtering is at executable level granularity instead of system level.1. <a href="https://www.obdev.at/products/littlesnitch/index.html" rel="nofollow">https://www.obdev.at/products/littlesnitch/index.html</a>2. <a href="https://github.com/evilsocket/opensnitch" rel="nofollow">https://github.com/evilsocket/opensnitch</a>3. <a href="https://github.com/nathants/tinysnitch" rel="nofollow">https://github.com/nathants/tinysnitch</a>

评论 #30821479 未加载

t3odump大约 3 年前

I would like to analyze the issue of browser security without controversy. The mitigations that Edge puts into practice (I'm talking about "Super Duper Secure" and "Enhanced Security") can prevent the operation of exploits in the V8 engine like this 0-day?Is this platform dependent or the mitigation in progress works well? I mean for example some feature on mac and Linux is available out of the box asACG feature.This analysis is very interesting because I have only read analisys related to privacy and not about security and integrity. (I mean compare between Chorme, Edge, Brave, etc ...)

janci大约 3 年前

Is Chrome for android affected? And V8 in nodejs?

buro9大约 3 年前

Type confusion in V8... May well impact Cloudflare workers too.

评论 #30815275 未加载

评论 #30816424 未加载

eezurr大约 3 年前

Anyone know if this affects Vivaldi? I assume it does since it's chromium based, but there isn't an update available.

评论 #30816131 未加载

bArray大约 3 年前

Just added a bug for the Ubuntu Chromium dev PPA to update their packages: <a href="https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1966572" rel="nofollow">https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+...</a>

ruuda大约 3 年前

Type confusion in V8 ... Fortunately I turned off javascript by default since Meltdown/Spectre.

评论 #30815744 未加载

amelius大约 3 年前

Is Electron at risk too?

评论 #30822596 未加载

评论 #30815080 未加载

sysOpOpPERAND大约 3 年前

why is chrome having so many updates within the past few months? is it because of coverage? (more users?). i use chrome off and on between that and firefox depending on the site and i am surprised how often i've been reading about issues with chrome.should i switch browsers all together?

评论 #30825109 未加载

评论 #30819259 未加载

whatev1942大约 3 年前

What about CloudFlare ? Does this bring to question their decision to use V8 ?

paulpauper大约 3 年前

this just goes to show that updates are always 2 or so steps behind. It's a near certainty that governments, top criminal organizations have a trove of exploits for all major programs, and new ones created after old ones get patched.

badrabbit大约 3 年前

Is there a public exploit for this? Working on detecting browser exploitation myself.

评论 #30815962 未加载

评论 #30815679 未加载

评论 #30817932 未加载

TT-392大约 3 年前

Anyone know if qutebrowser is affected?

评论 #30846993 未加载

评论 #30815748 未加载

评论 #30815745 未加载

baq大约 3 年前

Just what the doctor ordered in the middle of a war which is also waged in the information space. Hopefully the fact that it’s in v8 will take the exploit a bit longer than usual to proliferate.

评论 #30814878 未加载

octoberfranklin大约 3 年前

When the web "standards" are so insanely complicated that even Google can't implement them securely, it's time to admit that we have a problem.When there is only one other complete implementation of these "standards" (with miniscule market share), it's time to panic.

评论 #30815004 未加载

评论 #30814955 未加载

评论 #30814981 未加载