This means you need a secure and reliable way of shuffling data between the separate processes of the browser. On the other hand, sharing one big memory space means that a bug in one part of the program, such as the thread that is busily rendering and displaying your first browser tab, could trample on or affect code that’s busy with other things, such as the threads handling the rest of the tabs you have open.Īs a result, modern browsers generally split themselves into numerous separate processes, for example so that each tab is handled in an independent process, thus preventing one runwaway tab from trivially leeching data such as cookies and access tokens from others tabs related to completely different websites. That means that threads can interact and share data much more easily, because they can simply dip directly into the same common pool of data, including checking the current configuration settings, exchanging memory addresses, sharing file handles, re-using cached images directly from RAM, and much more. Splitting a single-process application into threads is more convenient (by which we mean “is much quicker and easier, but way less secure”) than splitting it into separate processes, because all the threads inside a process have access to the same chunk of memory. Loosely speaking, a process can consist of multiple threads, which are essentially “sub-processes” inside the main process, by means of which a single program can quietly get on with doing two things at the same time, such as printing out a document while you’re scrolling through it, or carrying out a spelling check in the background. These days, for security reasons, browsers generally don’t run as a single, monolithic operating system process. Mojo, in case you’re wondering, is a Google code library for what’s known as IPC, short for inter-process communication. Once again, the brevity of Google’s report means that, even though the bug report is High and not Critical, we’re going to invite you to infer that we’re talking about RCE here, and therefore to assume that a determined attacker could use this bug to implant malware from scratch. RCE exploits, on the other hand, are commonly used either to get a beachhead inside a network to initiate an attack, or to jump repeatedly from computer to computer once inside, or both. They’re still vital to patch, because a crook who’s sneaking round your computer under cover of a limited user such as GUEST will often bring along an EoP exploit to “promote” themselves so they have root or sysadmin powers, aiming to turn what might otherwise have been a modest risk on a single computer into a total compromise of your whole network. We’d love to be able to determine, given that the bug relates to the incorrect handling of input data, whether this bug leads to a worrying security outcome such as EoP, short for elevation of privilege, or if it can be abused for a more disastrous result such as full-blown RCE, short for remote code execution.ĮoP typically means that crooks need a malware foothold to start with, so that EoP bugs usually can’t be exploited for breaking in the first place. Which has been reported by the Chromium team as having an exploitĪs always, our translation of security holes written up in this non-committal way is: “Crooks or spyware vendors found this vulnerability before we did, have figured out how to exploit it, and are already doing just that.” Microsoft has put out an update, too, taking its browser, which is based on Chromium, to Edge 1.27.įollowing Google’s super-brief style, Microsfoft wrote merely that: This update contains a fix for CVE-2022-3075, Google is aware of reportsrts that an exploit The release notes confirm, in the clipped and frustrating “indirect statement made in the passive voice” bug-report style that Google seems to have borrowed from Apple: CVE-2022-3075: Insufficient data validation in Mojo. …the Google programmers announced the release of Chrome 1.102, where the last of the four numbers in the quadruplet jumps up from 52 on Mac and Linux and 54 on Windows. Just three days after Chrome’s previous update, which patched 24 security holes that were not in the wild…
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |