Firefox and Windows zero-day security bugs hit by Russian hackers, so be on your guard

ESET discovers two zero-day vulnerabilities that can lead to remote code execution
The researchers spot Russian hackers abusing the flaws to deploy backdoors
Fixes for both flaws are already available to download

A Russian advanced persistent threat (APT) group known as RomCom has been exploiting two zero-day vulnerabilities to hit its victims with potent backdoor malware, security experts have said.

ESET said its researchers first found a use-after-free bug in the animation timeline feature in Firefox. Since the bug forces the browser to use memory that has already been freed, it can lead to all sorts of undefined behavior, including executing code in the restricted context of the browser. This bug was discovered on October 8, and was assigned CVE-2024-9680. It was fixed a day later, on October 9.

Further investigation led to the discovery of a second vulnerability, this time in Windows, tracked as CVE-2024-49039, WHICH allows previously authenticated crooks to run arbitrary code in the system. By chaining the two vulnerabilities together, the attackers were able to deploy backdoors on target devices.

Targeting Europe and North America

In practice, thIS means embedding a website with code that is capable of exploiting the vulnerabilities, redirect the victims to a server where the backdoor is hosted, and have the operating system infected. The worst part is that the attack is “zero-click” – meaning besides visiting the malicious website, the exploit requires no interaction from the victim’s side.

While ESET does not discuss how many people, or entities, fell victim to the attack, they say that the majority of victims tracked between October 10 and November 4 were located in Europe and North America.

It is also worth pointing out that patches for both flaws have been available for more than a month now, and the best way to defend against the attack is to have Firefox, Thunderbird, and the Tor Browser (which were all said to have been vulnerable) all patched, together with Windows.

https://cdn.mos.cms.futurecdn.net/85kAnS2rcuxwyaibPRC4Ze-1200-80.jpg

Source link

There’s never been a cheaper time to get into Philips Hue thanks to these epic Black Friday deals on starter kits

Get the best Black Friday deals on tech every single day

Samsung’s Black Friday sale has the Galaxy S24 Ultra deal of the year – get it for $499

Samsung reveals eye-opening stat about its The Frame TV buyers

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

People are driving through flames to escape this California wildfire

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

‘Heathers’ is still the best dark comedy about high school hell

Trump vs. Harris: How the election will affect EV adoption

Lumwana’s Super Pit Expansion Officially Launched By Investing.com

How Biden could use a 1947 law to suspend the dockworkers’ strike

Why your Roth IRA conversions could have ‘unintended’ tax consequences

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Firefox and Windows zero-day security bugs hit by Russian hackers, so be on your guard

There’s never been a cheaper time to get into Philips Hue thanks to these epic Black Friday deals on starter kits

Get the best Black Friday deals on tech every single day

Samsung’s Black Friday sale has the Galaxy S24 Ultra deal of the year – get it for $499

Samsung reveals eye-opening stat about its The Frame TV buyers

Leave a reply Cancel reply