This vulnerability is rated HIGH due to the potential for remote code execution through browser exploitation, which can lead to full system compromise if a user visits a malicious website or clicks on a compromised link.
DLL injection and Chrome hijacking via COM abuse have been identified in GlassWorm Part 4, impacting systems running vulnerable versions of Chrome with specific DLL files. This affects users who may unknowingly execute malicious code through compromised web interactions.
Affected Systems
- Google Chrome
Affected Versions: All versions before 98.0.4758.102
Remediation
- Update Google Chrome to the latest version (98.0.4758.102 or later).
- Remove any DLL files that are identified as part of the GlassWorm attack vector from your system.
- Implement strict security policies and browser extensions to block unknown COM objects and DLLs.
Stack Impact
This affects browsers, particularly Google Chrome versions before 98.0.4758.102, which may be integrated with various web services and applications.