Windows, Chrome Zero-Days Chained in Operation WizardOpium Attacks

Discussion in 'other security issues & news' started by mood, Dec 11, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    23,915
    Windows, Chrome Zero-Days Chained in Operation WizardOpium Attacks
    December 10, 2019
    https://www.bleepingcomputer.com/ne...ays-chained-in-operation-wizardopium-attacks/
    Kaspersky: Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium
     
  2. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    23,915
    Microsoft Zaps Actively Exploited Zero-Day Bug
    December 10, 2019
    https://threatpost.com/microsoft-actively-exploited-zero-day-bug/150992/
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,397
    Location:
    The Netherlands
    You see, this is what I'm talking about. If you combine this RCE bug with a Windows zero day, you can break out of the browser's sandbox. However, you don't need a Windows zero day for this; sometimes people also find bugs in the browser itself that can bypass the sandbox. This applies to both Chrome and Firefox. But this doesn't mean malware will also bypass a sandbox running on top, like Sandboxie.
     
  4. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    2,744
    Location:
    Canada
    Or we can eliminate the XSS threat...


    [Attached image: Screenshot2.png]
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,397
    Location:
    The Netherlands
    I don't believe this will block all exploits. And yes, we can block all JS on websites, but this will also break almost all sites, so let's not go there.
     
  6. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    2,744
    Location:
    Canada
    That's nonsense. It doesn't break most sites. Very few in fact. And blocking 3rd-party scripts and iframes will block numerous exploits. Not all, of course, but many of them.
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,397
    Location:
    The Netherlands
    I think you need to read better. I said if you block all JS it will break most websites, that's a fact. I was not talking about blocking XSS. And yes, I guess you're right about blocking 3rd party scripts and iframes.
     
  8. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    2,744
    Location:
    Canada
    Fair enough, but why would you even mention that when I posted nothing about blocking all JS?
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,397
    Location:
    The Netherlands
    I mentioned this because blocking all first-party scripts is yet another way to block exploits. But it's not a very user-friendly one. In theory you could lure users into a certain site that will then exploit the browser via first-party scripts, and blocking XSS and third-party scripts won't help then.
     