On the Task Manager page, the “High Memory” column sometimes did not display properly. This issue was addressed by updating Task Manager to version 97.0.4692.99. Note that ESET does not consider this issue to be high severity, as it does not allow attackers to perform remote code execution. A heap buffer overflow was found in Task Manager in Google Chrome prior to 97.0.4692.99. If a user were to open a malicious website or visit a compromised or malicious website, it was possible that a remote attacker could exploit this vulnerability to potentially execute arbitrary code with the user’s privileges. On the Task Manager page, the “High Memory” column sometimes did not display properly. This issue was addressed by updating Task Manager to version 97.0.4692.99. Note that ESET does not consider this issue to be high severity, as it does not allow attackers to perform remote code execution. A heap buffer overflow was found in Task Manager in Google Chrome prior to 97.0.4692.99. If a user were to open a malicious website or visit a compromised or malicious website, it was possible that a remote attacker could exploit this vulnerability to potentially execute arbitrary code with the user’s privileges. On the Task Manager page, it was possible for users to set the “High Memory” column to a value that was larger than the amount of memory installed on the system, which could result in the
Internet Explorer
Internet Explorer was affected by a stack-based buffer overflow vulnerability. The vulnerability is triggered when Internet Explorer attempts to access memory that is not allocated for it. An attacker could exploit this vulnerability by convincing a user to visit a malicious website or open a malicious file, resulting in remote code execution with the privileges of the current user.
Microsoft Edge
Memory Leak
In Microsoft Edge prior to version 18.0.1025.162, an exploitable memory leak was found in the handling of style objects. An attacker could potentially exploit this vulnerability to obtain sensitive information from another site or service running on the local system. On the Task Manager page, it was possible for users to set the “High Memory” column to a value that was larger than the amount of memory installed on the system, which could result in a crash of Microsoft Edge and restarting with no user interaction. This issue was addressed by updating Microsoft Edge to version 18.0.1025.162.
Vulnerable versions of Google Chrome
On the Task Manager page, it was possible for users to set the “High Memory” column to a value that was larger than the amount of memory installed on the system, which could result in the depletion of available memory. On the Task Manager page, it was possible for users to set the “High Memory” column to a value that was larger than the amount of memory installed on the system, which could result in the depletion of available memory.
Timeline
Published on: 02/12/2022 02:15:00 UTC
Last modified on: 02/22/2022 22:06:00 UTC