Google Shares New Information About Vulnerabilities Found In Chrome

Posted by

Google security researchers are sharing new information about vulnerabilities found in Chrome, Firefox, and Windows.

In a post, Google and Risk Analysis Group (TAG) information steps taken given that discovering an industrial spyware operation with ties to Variston IT.

Based in Barcelona, Spain, Variston IT claims to offer custom-made security solutions. However, the company is connected to an exploitation framework called “Heliconia.”

Heliconia works in 3 ways:

  • It makes use of a Chrome renderer bug to run malware on a user’s os.
  • It releases a destructive PDF document consisting of an exploit for Windows Protector.
  • It utilizes a set of Firefox exploits for Windows and Linux devices.

The Heliconia exploit was utilized as early as December 2018 with the release of Firefox 64.

New details released by Google reveals Heliconia was most likely utilized in the wild as a zero-day make use of.

Heliconia presents no danger to users today, as Google says it can not find active exploitation. Google, Mozilla, and Microsoft fixed the bugs in early 2021 and 2022.

Although Heliconia is covered, industrial spyware is a growing problem, Google states:

“TAG’s research study highlights that the business security industry is thriving and has actually expanded considerably recently, creating risk for Web users around the world. Commercial spyware puts innovative monitoring abilities in the hands of federal governments who use them to spy on reporters, human rights activists, political opposition and dissidents.”

To protect yourself versus Heliconia and other exploits like it, it’s important to keep your web browsers and operating system approximately date.

TAG’s research into Heliconia is available in Google’s new post, which Google is publishing to raise awareness about the hazard of commercial spyware.

Source: Google

Featured Image: tomfallen/Best SMM Panel