Google Discovers Vulnerabilities in Chrome and Windows 7

AlphaAtlas

AlphaAtlas

[H]ard|Gawd
Staff member
Joined
Mar 3, 2018
Messages
1,713
Google just publicized a combination of zero-day exploits for Windows 7 and Chrome that are reportedly being exploited together in the wild. The bug in Chrome allegedly involved the browser's file reader, while the vulnerability in Windows "is a NULL pointer dereference in win32k!MNGetpItemFromIndex when NtUserMNDragOver() system call is called under specific circumstances." Google says they reported the bug on February 27th, and pushed out a patch for Chrome on March 1st, but the Windows 7 vulnerability doesn't appear to be patched yet. Google claims they've only observed the Windows exploit on 32-bit Windows 7 systems so far, but notes that exploit mitigations already protect newer version of Windows, and say that "users should consider upgrading to Windows 10 if they are still running an older version of Windows." Sophos took a look at the Chrome bug earlier this week, and they seems to think that a single bad webpage could give attackers remote access to computers.

When we heard that the vulnerability was connected to FileReader, we assumed that the bug would involve reading from files you weren't supposed to. Ironically, however, it looks as though attackers can take much more general control, allowing them to pull off what's called Remote Code Execution, or RCE. RCE almost always means a crooks can implant malware without any warnings, dialogs or popups. Just tricking you into looking at a booby-trapped web page might be enough for crooks to take over your computer remotely.
 
anyone still running win7 32bit in anything other than a specialized hardware application should be trout slapped.
 
"observed the Windows exploit on 32-bit Windows 7 systems so far"

I guess they didn't have a 64bit copy available. Google will have to save their pennies up for further testing.

"users should consider upgrading to Windows 10 if they are still running an older version of Windows."

lol
 
Bobert said:
"observed the Windows exploit on 32-bit Windows 7 systems so far"
Click to expand...

More likely it is something that gets stopped by some of the shit in 64-bit Windows. There are some security features that are either not present, or not on be default in 32-bit that are in 64-bit. So sometimes you'll find that while the vulnerability for an exploit exists in both 32-bit and 64-bit versions, other defenses in the 64-bit versions stop it meaning it can't be used to exploit them.
 
pendragon1 said:
anyone still running win7 32bit in anything other than a specialized hardware application should be trout slapped.
Click to expand...
Or the PC was purchased when 32-bit Windows was still and thing and the user never knew the difference. That's going to be a good many consumer PCs and also quite a few enterprise ones as well. I'm still running across 32-bit Win7 in the company that I work for, and it kills me. Some are vital systems though that cannot be taken down for very long unless absolutely necessary, so even upgrading them every 4-5 years as we do can be a challenge. The hardware isn't even that specialized (and the software works just fine on 64-bit Win7 and Win10) but when downtime costs money and safety in a manufacturing environment...
 
Sycraft said:
More likely it is something that gets stopped by some of the shit in 64-bit Windows. There are some security features that are either not present, or not on be default in 32-bit that are in 64-bit. So sometimes you'll find that while the vulnerability for an exploit exists in both 32-bit and 64-bit versions, other defenses in the 64-bit versions stop it meaning it can't be used to exploit them.
Click to expand...

There is no way they didn't test the 64-bit version of Win7 which likely isn't vulnerable. But it makes for more dramatic headlines to say "OMG Windows 7 totally PWNED!" (Please upgrade to Windows 10 for your safety).
 
_57c8a1a431a592af806925e57258202f.jpg
 
  • Like
Reactions: blkt
like this
You must log in or register to reply here.
Back
Top