Google fixes 24 bugs in Chrome OS, security pass flaw in reCAPTCHA feature

Google on Tuesday released version 67.0.3396.62 of the Chrome operating system for Windows, Mac and Linux to its stable channel, in the process solving 24 vulnerabilities and introducing its "Site Isolation" security feature to additional users.

Meanwhile, a security researcher separately reported that Google last March patched its reCAPTCHA authentication mechanism for web application developers, in order to fix a security bypass bug he discovered. 

Of the two dozen flaws fixed by the new Chrome update, nine were rated high in severity. These included a use-after-free (CVE-2018-6123) and type confusion (CVE-2018-6124) in Blink, an overly permissive policy in WebUSB (CVE-2018-6125), a heap buffer overflow in Skia (CVE-2018-6126), a use-after-free in indexedDB (CVE-2018-6127), a universal cross-site scripting in Chrome (CVE-2018-6128), two out-of-bounds memory issues in WebRTC (CVE-2018-6129 and CVE-2018-6130), and incorrect mutability protection in WebAssembly (CVE-2018-6131).

The new Chrome version will also introduce more individuals to Site Isolation, a security feature that makes it more difficult for malicious websites to bypass Same Origin Policy protections in order to access or steal information from user accounts on other websites. In its Chrome Releases blog, Google notes that Site Isolation will defend against exploits of the Spectre side-channel vulnerabilities.

The reCAPTCHA bug and subsequent patch were detailed in a blog post by the man who discovered it last January, researcher Andres Riancho, founder of Bonsai Information Security and w3af, an open-source web application attack and audit framework.

According to Riancho, the vulnerability can be exploited only if a web application "was vulnerable to HTTP parameter pollution and the URL was constructed by appending the response parameter before the secret." Riancho determined that only around three percent of sites using reCAPTCHA were at risk, but it was reportedly enough to convince Google to fix the issue in its REST API and reward Riancho with a $500 bug bounty.
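The precondition Riancho describes can be checked in application code. The following is an added example, not code from the article, Riancho's post or Google: it contrasts a verification URL built by raw concatenation (response before secret) with one built by percent-encoding, and flags duplicated parameters. The endpoint, function names and sample values are constructed, and it assumes a verifier that reads the first occurrence of a parameter.

```python
from urllib.parse import urlencode, parse_qsl

# Assumed placeholder endpoint; the article does not give the real URL.
VERIFY_URL = "https://captcha-verify.example/siteverify"

def build_url_unsafe(secret, response):
    """Pattern the article describes: raw concatenation, response before secret."""
    return VERIFY_URL + "?response=" + response + "&secret=" + secret

def build_url_safe(secret, response):
    """Hardened form: every value is percent-encoded, so '&' and '=' inside the
    user-supplied token cannot start a new parameter."""
    return VERIFY_URL + "?" + urlencode({"secret": secret, "response": response})

def duplicated_params(url):
    """Return parameter names that occur more than once in the query string."""
    query = url.split("?", 1)[1] if "?" in url else ""
    seen, dupes = set(), []
    for name, _ in parse_qsl(query, keep_blank_values=True):
        if name in seen and name not in dupes:
            dupes.append(name)
        seen.add(name)
    return dupes

def first_value(url, name):
    """Value a server honouring the first occurrence of `name` would read
    (assumption about the verifier's parsing, not stated in the article)."""
    query = url.split("?", 1)[1] if "?" in url else ""
    for key, value in parse_qsl(query, keep_blank_values=True):
        if key == name:
            return value
    return None

# Constructed sample values, not real keys or tokens.
APP_SECRET = "app-secret-constructed"
POLLUTED_RESPONSE = "token-constructed&secret=other-secret-constructed"

if __name__ == "__main__":
    for builder in (build_url_unsafe, build_url_safe):
        url = builder(APP_SECRET, POLLUTED_RESPONSE)
        print(builder.__name__, duplicated_params(url), first_value(url, "secret"))
```

A `duplicated_params` check on outbound verification requests is a cheap regression test for code that assembles query strings by hand.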

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts, video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.