Update for Unpatched Browsers: RCE Exploit

An exploit aimed at the V8 JavaScript rendering engine can be used to hack the Google Chrome and Microsoft Edge (Chromium) browsers.

Browser RCE Exploit

A researcher discovered a flaw impacting Google Chrome and other Chromium-based browsers such as Microsoft Edge, Opera, and Brave.

Rajvardhan Agarwal, an Indian security researcher, published proof-of-concept (PoC) exploit code for a newly discovered flaw impacting multiple browsers.

The remote code execution vulnerability is in the V8 JavaScript rendering engine that powers the web browsers.

According to Rajvardhan, the PoC HTML file and its associated JavaScript file can be loaded in a Chromium-based browser to exploit the security flaw and launch the Windows calculator (calc.exe) app.

It is worth noting, however, that the exploit needs to be chained with another flaw that can allow it to escape Chrome’s sandbox protections.

After details of the flaw were shared with the company, Agarwal was able to put together the PoC by reverse-engineering the patch that Google’s Chromium team pushed to the open-source component.

A tweet read, “Getting popped with our own bugs wasn’t on my bingo card for 2021”.

The tweet's author further added, “Not sure it was too smart of Google to add that regression test right away.”

In short, the patch for the V8 flaw has yet to make its way to the stable channel, leaving the browsers vulnerable to attacks.

