Remote Code Execution Bug Discovered in Google Chrome Version 59

Aug 17, 2017

Security researchers have discovered a type confusion vulnerability in Google’s Chrome browser that leads to remote code execution. The Chrome bug reportedly affects an older version of the browser but Google has no plans to fix the flaw since it stopped working in the current version, Chrome 60.

RCE Chrome bug only affects version 59 – better to update

Security researchers at Beyond Security have published proof-of-concept code for reproducing this Chrome security bug. It appears that the bug only affects version 59, but it isn’t clear whether any earlier versions are also vulnerable.

Interested readers can head over to Beyond Security’s SecuriTeam blog, which explains the RCE flaw in detail and provides a proof of concept. The vulnerability was discovered in Chrome’s TurboFan component, the compiler used to optimize JavaScript code. An attacker could lure a user to a website controlled by the attacker that serves malicious JavaScript code. The attackers wouldn’t be able to get complete control over the system, but could steal data that is accessible through the victim’s browser, including passwords.

The Chrome browser is affected by a type confusion vulnerability. The vulnerability results from an incorrect optimization by the TurboFan compiler, which causes confusion between access to an object array and access to a value array. This allows an attacker to access objects as if they were values, by reading them as values (thus obtaining their in-memory address), or, vice-versa, to write values into an object array and thus fake objects completely.

Google Chrome version 59 is still being used by a small number of users, leaving them vulnerable to this flaw now that the PoC is out. “Google was informed of the vulnerability, and a ticket has been opened,” SecuriTeam wrote. “Because the vulnerability stopped working in Chrome 60 – Google has no plan to address it as a security advisory/patch.”
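Since the only remedy the article reports is updating to Chrome 60, the practical check for a defender is finding which machines still run version 59. The following is an added example, not code from this article or from Beyond Security’s advisory: a small Python script that parses Chrome version strings from a fleet inventory and flags hosts on 59 as affected, hosts on 60 or later as fixed, and hosts on earlier majors as unknown (the article says it is unclear whether earlier versions are vulnerable). The inventory format (one `hostname,version-output` line per host) and all hostnames and version strings are constructed for the example.

```python
"""Fleet check for the Chrome 59 TurboFan type-confusion issue.

Added example, not part of the original article or the advisory.
Assumes an inventory where each line is "<hostname>,<chrome --version output>";
the hostnames and version strings below are constructed samples.
"""
import re

FIXED_MAJOR = 60      # article: the bug stopped working in Chrome 60
AFFECTED_MAJOR = 59   # article: the PoC targets Chrome 59

# Four-part Chrome version, e.g. "59.0.3071.115", anywhere in the text.
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")


def parse_chrome_version(text):
    """Extract the four-part version from a string such as
    'Google Chrome 59.0.3071.115'. Returns a tuple of ints, or None
    when no version is present."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def classify(version):
    """Map a parsed version to a status:
    'fixed'    - major 60 or later
    'affected' - major 59, the version the PoC targets
    'unknown'  - older majors; the article does not say whether they are vulnerable
    'unparsed' - no version could be read from the inventory line"""
    if version is None:
        return "unparsed"
    major = version[0]
    if major >= FIXED_MAJOR:
        return "fixed"
    if major == AFFECTED_MAJOR:
        return "affected"
    return "unknown"


def audit(inventory_lines):
    """Return {hostname: status} for every non-comment line of the inventory."""
    result = {}
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _, version_text = line.partition(",")
        result[host.strip()] = classify(parse_chrome_version(version_text))
    return result


def hosts_needing_update(inventory_lines):
    """Sorted hostnames whose status is 'affected' or 'unknown'.
    'unparsed' hosts are reported separately by audit() so an operator
    can investigate the inventory line itself."""
    statuses = audit(inventory_lines)
    return sorted(h for h, s in statuses.items() if s in ("affected", "unknown"))


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = """
# host,version
ws-001,Google Chrome 59.0.3071.115
ws-002,Google Chrome 60.0.3112.78
ws-003,Google Chrome 58.0.3029.110
ws-004,chrome not installed
""".splitlines()


if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
    print("needs update:", hosts_needing_update(SAMPLE_INVENTORY))
```

Comparing only the major version is deliberate: the article attributes the fix to Chrome 60 as a whole and gives no narrower build number, so anything finer would be an assumption the page does not support.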
