WizardOpium Exploit : Update Google Chrome ASAP!

Kaspersky recently discovered a Google Chrome zero day exploit that was being used in Operation WizardOpium.

Here are the full details, but the TLDR message is – make sure you update Google Chrome ASAP!

 

The WizardOpium Exploit : What Is It?

Kaspersky’s automated Exploit Prevention subsystem detected the exploit, which they dubbed WizardOpium. It used a zero day vulnerability that had hitherto not known to developers.

Update Google Chrome ASAP To Fix WizardOpium Exploit!

 

The WizardOpium Exploit : How Does It Work?

The attacks, which Kaspersky called Operation OpiumWizard, began with an infiltration at a Korean news website, where attackers managed to inject malicious code.

It loads a script from a third-party site that first checks if the system is suitable for infection – they were interested only in Chrome for Windows, not older than version 65.

If the operating system and browser requirements are met, the script downloads the WizardOpium exploit piece by piece, reassembles and decrypts it.

Google Chome

The script then runs another check on the version of Google Chrome, working exclusively with Chrome 76 or 77.

After verifying that it has the right Chrome version, the script then leverages the use-after-free vulnerability CVE-2019-13720, based on the improper use of system memory.

By manipulating the system memory, the exploit gains permission to read and write data, which it immediately uses to download, decrypt and run the malware package.

 

The WizardOpium Exploit : Solution

Kaspersky cybersecurity products will detect the exploit, and identify it as Exploit.Win32.Generic.

On discovering it, they reported it to Google with the identifier CVE-2019-13720.

Google fixed the bug in Chrome 78.0.3904.87 for Windows, macOS and Linux. Just make sure you update to that version, or newer… ASAP!

To make sure you have the update, follow these steps :

  1. Click on the 3 vertical dots at the upper right corner of Chrome (Customise and control Google Chrome)
  2. Select Help > About Google Chrome.
  3. In the About Chrome page, it should say that you have Version 78.0.3904.87 or higher
  4. If not, Chrome will automatically start looking for, and installing the latest update
  5. Click Relaunch to restart Chrome.

 

Suggested Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Comments

comments

About The Author

Leave a Reply

%d bloggers like this: