The Record reports that the Chinese cybersecurity company Qingteng Cloud Security has detected attacks on WeChat users, in which is used a fresh vulnerability in Chrome. The attackers used an exploit published last week.
The attacks were extremely simple: malicious links were sent to Chinese WeChat users (only Windows versions of the application). If the user clicked on such a link, JavaScript code was run, which downloaded and executed the shellcode on the victim’s system.
The attackers are known to have used a PoC exploit for a fresh vulnerability in Chromium. Let me remind you that two such exploits were published on the network last week, and it is still unknown which of them we are talking about.
It should be said that currently both bugs have been fixed by Microsoft Edge, and only the first bug has been fixed in Chrome.
The fact is that WeChat also uses Chromium to open and preview links so as not to open a separate browser, which means it can be susceptible to both problems. And last week, researchers emphasized that their exploits are not able to escape the sandbox, but they can work with applications that use Chromium as a basis, without the sandbox.
Qingteng Cloud Security said it has already notified WeChat developer Tencent of the issue, and the company has rushed to integrate the latest Chromium security updates into its app.
Let me remind you that I wrote that Chrome frantically fixes 0-day vulnerabilities again.
