Categories: SecurityWorkspace

Critical Attack Flaw Found In Google Chrome

Computer security researchers have discovered a bug in a component used in Google’s Chrome browser that they say could allow attackers to easily take over a vulnerable system.

The bug could be exploited by tricking a users running a vulnerable version of Chrome into viewing a malicious PDF file, according to researchers at Talos, a division of Cisco.

PDF risk

Chrome last month passed Internet Explorer as the most widely used browser worldwide.

“By simply viewing a PDF document that includes an embedded jpeg2000 image, the attacker can achieve arbitrary code execution on the victim’s system,” they wrote in an advisory.

The attack is made possible by a bug in PDFium, the default PDF reader in Chrome, they said. The vulnerability was found in the reader’s jpeg2000 parsing library, called OpenJPEG, but is only exploitable in Chrome due to particularities in the way the browser is built, they said.

Talos’ researchers said they tested the bug and found that it was “fairly easy” to exploit.

‘Easy’ attack

“The only difference between a valid jpeg2000 file and the one that triggers this vulnerability is the fact that SIZ marker specifies 0 components,” they wrote. “The most effective attack vector is for the threat actor to place a malicious PDF file on a website and and then redirect victims to the website using either phishing emails or even malvertising. Users frequently browse PDF files when surfing the web.”

Talos said it reported the bug to Google last month and a fix was included with Chrome’s 51.0.2704.63 release on May 25. The firm urged users to ensure their browser is up to date, warning that even though the browser updates automatically, users must restart to enable the latest version.

Like other software makers, Google offers a bug bounty for Chrome, doubling it to $100,000 (£70,500) earlier this year.

Google said last month it plans to disable Adobe’s Flash in the browser by default this autumn in order to head off frequent security risks introduced by the component.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago