Fri. Mar 29th, 2024

Kaspersky, the leading internet security providing service found a vulnerability in Google Chrome. According to Kaspersky, this vulnerability was found in the Korean version of Google chrome. it was exploited to target a Korean news portal. Kaspersky has identified the vulnerability as CVE-2019-13720. The security service has named the attack Operation WizardOpium. The coding used in the attack was similar to the ones used by Lazarus Group in various attacks.

The attack began when hackers injected a Korean news portal with malicious code. This code checks the version of google chrome, if the version is below 65 the code attacks the system. As soon as google found out the vulnerability, the company released a patch 78.0.3904.87 for Windows, Mac, and Linux to fix it. Google has advised that everyone should update their Chrome browser even if the user is not from Korea.

According to Kaspersky, the version of the browser in the user’s system plays a critical role as the older and unpatched versions are more likely to be corrupted. Hackers first inject a malicious JavaScript code in the main page to load a profiling script from a remote site so they can check the version of the browser. A zero-day vulnerability is a computer-based vulnerability where the source is unknown.

To update your Chrome browser simply go to the top right then click on More, you will find the option to update your chrome.

 

Leave a Reply

Your email address will not be published. Required fields are marked *