The irony is that the users most likely to run into an attack telling them they need to update their browser are the ones who already have. And since browsers are pretty good at installing updates, Magnitude also needs attacks that work against fully updated browsers. However, that won't stop exploit kits from taking advantage of other tactics, like fake updates, where they're more likely to succeed.Īlthough Edge is based on the same browser as Chrome, uses the same V8 JavaScript engine, and is vulnerable to the same exploits, those exploits will only work on browsers that are out of date. The number of problems affecting Chrome's V8 JavaScript engine suggest there may be underlying problems in that part of the browser, and we fully expect that the near-term future of exploit kits will be Chrome exploits. That should be no surprise, Chrome is the most popular web browser by far and it suffered from an unprecedented glut of zero-days in 2021. In late 2021, it was seen targeting a sandbox escape vulnerability in the Chrome browser family, for example. In the past, Magnitude has made extensive use of Flash and Internet Explorer vulnerabilities, but as the software landscape has changed it has had to adapt. Magnitude is regularly updated with fresh attacks, and the fake Edge update appears to have been added in the last few weeks.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |