Stories
Slash Boxes
Comments

SoylentNews is people

Chrome Bug Squashed, QNAP NAS Nasty Hits, Bluekeep Malware Spreads, and More

posted by Fnord666 on Tuesday November 05 2019, @06:18PM   Printer-friendly
from the a-long-list dept.

Arthur T Knackerbracket has found the following story:

Anyone running Chrome will want to update and restart their browser in order to make sure they have the latest build, as usual. Google has patched a bunch of flaws including a use-after-free() vulnerability (CVE-2019-13720) that was being actively exploited in the wild against victims. Make sure you're running version 78.0.3904.87 or higher for Windows, Mac, and Linux to be safe.

More technical details are here: essentially, a malicious JavaScript file on a webpage can exploit the vulnerability to potentially gain arbitrary code execution and install spyware and other horrible stuff on the computer. Kaspersky reckons the flaw was abused in an attempt to infect Chrome-using visitors of a Korean-language news website, in a campaign dubbed Operation WizardOpium.

We hope you've all patched your Windows systems for the BlueKeep RDP flaw, which can be exploited to achieve remote-code execution on vulnerable machines. It appears Monero-mining malware is spreading among un-patched boxes via the security flaw. Microsoft patched the bug way back in May.

Marcus Hutchins, with help from Kevin Beaumont, has detailed the spread of the BlueKeep-exploiting nasty here for Kryptos Logic.

All the more reason to ensure you're patched.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Chrome Bug Squashed, QNAP NAS Nasty Hits, Bluekeep Malware Spreads, and More | Log In/Create an Account | Top | 10 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Informative) by EvilSS on Tuesday November 05 2019, @07:23PM (1 child)

    by EvilSS (1456) Subscriber Badge on Tuesday November 05 2019, @07:23PM (#916459)
    The BlueKeep in-the-wild exploit seems to be having a (probably) unintended side effect even on patch systems. There has been a massive up-tick in failed authentication attempts on internet accessible RDP servers this week. The rate of the attempts are so high that in some cases that it has hammered the hosts to the point that legit users are getting connection errors.

    Yet another reason to NOT expose RDP directly to the internet. There are plenty of solutions to allow remote access without having to put the RDP service directly on the internet, including solutions from MS themselves. But that takes a little more effort and who has time for that I guess.
    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 0) by Anonymous Coward on Tuesday November 05 2019, @08:23PM

    by Anonymous Coward on Tuesday November 05 2019, @08:23PM (#916493)

    What assurance, given the track record, have we that the supplied "patch" KB_whatever_number_ does not open several doors, invite spyware and surveillance friends, etc? MS are no longer trusted. Goog, the same. In fact 99% of US tech companies - not trusted. Distrust goes up to pure 100% for software supplied from other large world powers...