Categories: SecurityWorkspace

Critical Attack Flaw Found In Google Chrome

Computer security researchers have discovered a bug in a component used in Google’s Chrome browser that they say could allow attackers to easily take over a vulnerable system.

The bug could be exploited by tricking a users running a vulnerable version of Chrome into viewing a malicious PDF file, according to researchers at Talos, a division of Cisco.

PDF risk

Chrome last month passed Internet Explorer as the most widely used browser worldwide.

“By simply viewing a PDF document that includes an embedded jpeg2000 image, the attacker can achieve arbitrary code execution on the victim’s system,” they wrote in an advisory.

The attack is made possible by a bug in PDFium, the default PDF reader in Chrome, they said. The vulnerability was found in the reader’s jpeg2000 parsing library, called OpenJPEG, but is only exploitable in Chrome due to particularities in the way the browser is built, they said.

Talos’ researchers said they tested the bug and found that it was “fairly easy” to exploit.

‘Easy’ attack

“The only difference between a valid jpeg2000 file and the one that triggers this vulnerability is the fact that SIZ marker specifies 0 components,” they wrote. “The most effective attack vector is for the threat actor to place a malicious PDF file on a website and and then redirect victims to the website using either phishing emails or even malvertising. Users frequently browse PDF files when surfing the web.”

Talos said it reported the bug to Google last month and a fix was included with Chrome’s 51.0.2704.63 release on May 25. The firm urged users to ensure their browser is up to date, warning that even though the browser updates automatically, users must restart to enable the latest version.

Like other software makers, Google offers a bug bounty for Chrome, doubling it to $100,000 (£70,500) earlier this year.

Google said last month it plans to disable Adobe’s Flash in the browser by default this autumn in order to head off frequent security risks introduced by the component.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Elon Musk Fathered Twins With Neuralink Executive

World's richest man, Elon Musk, fathered twins last November, bringing the reported number of his…

26 mins ago

Marriott Hotels Admits Third Breach – Report

Not again. Marriot Hotels has admitted it has suffered a third data breach, with customer…

2 hours ago

Facebook Demands Old FTC Documents In Antitrust Battle

Fresh development in Meta's battle against US regulator, seeking to force Facebook to divest itself…

6 hours ago

Fate Of Newport Wafer Fab Uncertain, As Government Delays Sale Decision

Government delays decision over whether the UK's largest maker of chips can be purchased by…

7 hours ago

Amazon Faces UK Investigation For Suspected Anti-competitive Practices

Another probe. Busy week for the UK's CMA after it confirms investigation of Amazon over…

1 day ago