Cybercrime Chrome
Vulnerabilities in Windows and Chrome Used in Series of Highly Targetted Attacks
In April, Kaspersky experts discovered a number of highly targeted attacks against multiple companies utilising a previously undiscovered chain of Google Chrome and Microsoft Windows zero-day exploits. One of the exploits was used for remote code execution in the Chrome web browser, while the other was an elevation of privilege exploit fine-tuned to target the latest and most prominent builds of Windows 10. The latter exploits two vulnerabilities in the Microsoft Windows OS kernel: Information Disclosure vulnerability CVE-2021-31955 and Elevation of Privilege vulnerability CVE-2021-31956. Microsoft has patched both today as part of Patch Tuesday. Zero-Day Attacks Recent months have seen a wave of advanced threat activity exploiting zero-days on the internet. In mid-April, Kaspersky experts...
