Another exploit for a vulnerability in Chrome posted on Twitter

Another exploit for a vulnerability in Chrome posted on Twitter

Twitter posted the second exploit this week for a zero-day vulnerability in Chromium, which affects Chrome, Edge, and probably other browsers.

Proof of concept exploit was published by a researcher known as frust:

The specialist also published a video demonstrating the exploitation of vulnerability.

The exploit was published the day after Google released Chrome 89.0.4389.128, which fixed another zero-day issue recently discovered in the Pwn2Own hacker contest. An exploit for it was published a few days later by Indian researcher Rajvardhan Agarwal, who discovered the bug itself by examining patches in the V8 source code.As well as the first bug, the vulnerability found by fruit prevents escape from the Chromium sandbox. That is, the attacker will first need to get out of the sandbox by combining the problem with other vulnerabilities. For example, the vulnerability works in Chrome (89.0.4389.128) and Edge (89.0.774.76) if you use the –no-sandbox argument.

It is not yet clear if this issue is fixed in the new Chrome 90 released the day before.

__________________________________________________

ProApk on Telegramhttps://t.me/proapk_in

ProApk on Google Newshttps://news.google.com/publications/CAAqBwgKMP_S9AowhYDbAg

ProApk on Twitterhttps://twitter.com/xdapirates

ProApk on Facebookhttps://facebook.com/www.proapk.in