Written by Anthony Carballo
on November 04, 2019

Vulnerabilities are not unusual in Chrome, but at least Google tries to address them quickly. The good news is that there is a patched version; the downside is that if you want it now, you have to install it manually. Whether you are using Windows, macOS, or Linux, you need to update your browser immediately to the latest version, which Google released earlier today.

One of these vulnerabilities is a zero-day that is actively exploited in the wild. Google is warning users to install this urgent software update at the earliest opportunity to patch the two high-severity vulnerabilities found.

The flaw class is known as 'use-after-free': memory that is still referenced after it has been freed can be used for malicious purposes. It is a class of memory corruption issues that allows corruption or modification of data in memory, enabling an unprivileged user to escalate privileges on an affected system or software.




The first vulnerability relates to PDF files: a use-after-free error in Chrome's PDFium component. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a use-after-free error, and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


The second vulnerability involves HTML and Chrome's audio component, which can load malicious JavaScript.

The attack uses a watering-hole technique on a compromised Korean-language news portal. Malicious JavaScript code was inserted on the main page, which in turn loads a profiling script from a remote site.

The exploit installs the first stage malware on the targeted vulnerable browser, which then connects to a remote Command-and-Control server to download a much more invasive and encrypted payload.

It determines whether the browser is a vulnerable version by running a simple yet effective script.

If the browser version checks out, the script starts performing several AJAX requests to the attacker's C&C server, where a pathname points to the argument that is passed to the script. The first request is necessary to obtain some relevant information for further use. This information includes several hex-encoded strings that tell the script how many chunks of the actual exploit code should be downloaded from the server, as well as a URL to the image file that embeds a key for the final payload and the RC4 key to decrypt these chunks of the exploit's code.




The use-after-free issue is one of the most common vulnerabilities discovered and patched in the Chrome web browser in the past few months. Just over a month ago, Google released a critical security update for Chrome to patch a total of four 'use-after-free' vulnerabilities in different components of the web browser.

If you are using this browser, update it as soon as possible. Google has addressed both vulnerabilities in Google Chrome 78.0.3904.87 for Windows, Mac, and Linux. The update will eventually arrive automatically; however, if you follow our advice below, you can have the updated version in just seconds.




These vulnerabilities are tracked under:





Vulnerable Versions

All versions before 78.0.3904.87




To install the update, go to chrome://settings/help (you can copy this address and paste it into the browser's address bar). Chrome will start updating automatically; after that, you need to relaunch the browser.


TTPs: Tactics, techniques and procedures

CVEs: Common Vulnerabilities and Exposures

