Microsoft Edge – Security Flaw Exposed by Google

Windows Articles

How to install SQLite on OpenSUSE 15.2 / 15.1?

There are many good database management systems, but they are not all the same. And the fact that they are not, means...

How to detect port scanning and private IP access with Behave

Hello! Security when surfing the internet is a very serious issue. Consequently, the precautions we take are very important. Moreover, web browsers...

How to install LAMP on OpenSUSE 15.2 / 15.1?

It is increasingly common to find small companies that decide to use the SUSE ecosystem for their servers. It's an unsurprising decision because OpenSUSE...

How to use Mytop on Linux?

We already know that both MySQL and MariaDB are among the most popular database managers out there. They have earned this with...

How to activate the automatic screen saver in Windows 10

Hello! Undoubtedly the time we spend in front of a computer has grown lately. In fact, in these times of pandemic, more...
Mel Khamlichi
Mel Khamlichihttp://www.osradar.com
Founder of Osradar, from Amsterdam Netherlands

Microsoft Edge is the latest web browser from Microsoft and is available as a part of Windows 10. It’s supposed to be a better browser than the previous generation – Internet Explorer. It successfully improved the browsing experience and performance than traditional Internet Explorer. However, Google recently figured out a new vulnerability that websites can use to exploit Edge browser for illegal behaviors.

How it works

Google’s Project Zero team discovered the flaw within an important exploit mitigation technique in Edge. That flaw can bypass the security check. ACG (Arbitrary Code Guard) is used in Edge that helps to thwart malicious codes from loading into memory. Using this defense system, the target is to ensure that only properly signed codes can load into memory. However, this process is very troublesome while working with JIT (Just-in-Time) compilers used in the modern browsers.

JIT compilers translate the codes of JavaScript into native code to run faster and smoother. It doesn’t check the sign of the code, allowing some unsigned codes to run in a content process. In order to make JIT compilers work with ACG, Microsoft programmed JIT compiling to run in its own, isolated sandbox. Microsoft claimed that it was a significant achievement.

The issue is in the way that the JIT compilers build executable data into the content process. A compromised content, using “ACG bypass via UnmapViewofFile”, can predict the address which a JIT process is going to call VirtualAllocEx() next. It also allows to allocate a writable memory region on the same address JIT server’s going to write and create a soon-to-be-executable payload there.

Google informed Microsoft about this medium-severity issue in mid-November. After Google’s 90-day deadline passed, Google revealed the details about the bug. Microsoft confirmed the ACG bypass in response to Google to February’s Patch Tuesday. It seemed that the patch was targeted for the issue. However, Microsoft said that the bug was a more complex one than they primarily thought. Now, Microsoft targets to release security patch in Patch Tuesday in March.

How to stay secured

For Microsoft Edge users, it’s the best, for now, to avoid using the browser. The bug is publicly available and so, available to cybercriminals at the same time. They’re more likely to take the situation to their advantage. Microsoft’s fix is also quite late to provide any protection against such attacks.

That’s why it’s the best to use other popular & alternative web browsers, for example, Google Chrome, Mozilla Firefox, Opera etc. For an additional defense layer, get the best antivirus software of 2018.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to install SQLite on OpenSUSE 15.2 / 15.1?

There are many good database management systems, but they are not all the same. And the fact that they are not, means...

How to detect port scanning and private IP access with Behave

Hello! Security when surfing the internet is a very serious issue. Consequently, the precautions we take are very important. Moreover, web browsers...

How to install LAMP on OpenSUSE 15.2 / 15.1?

It is increasingly common to find small companies that decide to use the SUSE ecosystem for their servers. It's an unsurprising decision because OpenSUSE...

How to use Mytop on Linux?

We already know that both MySQL and MariaDB are among the most popular database managers out there. They have earned this with...

How to activate the automatic screen saver in Windows 10

Hello! Undoubtedly the time we spend in front of a computer has grown lately. In fact, in these times of pandemic, more...