Windows News
A newly discovered critical vulnerability (CVE-2024-12695) in Chromium's rendering engine poses significant risks to Microsoft Edge, Google Chrome, and other Chromium-based browsers. This zero-day flaw allows remote code execution and has already been exploited in targeted attacks.
Understanding the Vulnerability
CVE-2024-12695 is a use-after-free vulnerability in Chromium's WebGPU implementation, specifically affecting how the browser handles graphics processing unit (GPU) resources. The flaw exists in:
- Chromium versions 120.0.6099.216 and earlier
- Microsoft Edge versions 120.0.2210.91 and earlier
- Other Chromium-based browsers using affected versions
"This vulnerability allows an attacker to execute arbitrary code on a victim's system by crafting a malicious webpage," explains Microsoft Security Response Center (MSRC) in their advisory.
How the Exploit Works
The attack vector involves:
- User visits a compromised or malicious website
- Website loads WebGPU content with specially crafted JavaScript
- Flaw triggers memory corruption during GPU resource cleanup
- Attacker gains control of the renderer process
- Potential escalation to full system compromise
Affected Platforms
- Windows 10/11 (all supported versions)
- macOS (Chromium-based browsers)
- Linux (Chromium-based browsers)
- Android (Chrome mobile)
Mitigation and Patches
Microsoft and Google have released emergency updates:
- Microsoft Edge: Version 121.0.2277.83 (Stable channel)
- Google Chrome: Version 121.0.6167.160 (Stable channel)
Recommended actions:
- Immediately update all Chromium-based browsers
- Enable automatic updates in browser settings
- Consider temporarily disabling WebGPU (chrome://flags/#enable-webgpu)
- Monitor for suspicious browser crashes
Enterprise Implications
For organizations using Edge in enterprise environments:
- Deploy updates through Microsoft Endpoint Manager or WSUS
- Review Group Policy settings for browser update controls
- Consider implementing Application Guard for Edge
- Monitor network traffic for unusual WebGPU activity
Detection and Monitoring
Signs of potential exploitation include:
- Unexpected browser crashes
- High GPU process CPU usage
- Unusual network connections from browser processes
- Memory spikes in renderer processes
Security teams should look for these indicators in:
- Windows Event Logs (Application crashes)
- Endpoint Detection and Response (EDR) solutions
- Network intrusion detection systems
Long-Term Security Considerations
This vulnerability highlights several important security lessons:
- WebGPU's expanding attack surface: As browsers adopt more GPU-accelerated features, new vulnerabilities emerge
- Chromium's dominance increases risk: A single flaw affects multiple browsers
- Zero-day threats require rapid response: Patch management processes must be optimized
Microsoft has announced plans to enhance Edge's security model with:
- Stricter WebGPU sandboxing
- Improved memory isolation
- Enhanced exploit protection mechanisms
User Protection Checklist
- [ ] Update browsers immediately
- [ ] Verify version numbers
- [ ] Review installed extensions
- [ ] Report suspicious browser behavior
- [ ] Educate users about phishing risks
Historical Context
This marks the third critical Chromium vulnerability in 2024, following:
- CVE-2024-0519 (V8 JavaScript engine flaw)
- CVE-2024-0807 (Extensions API vulnerability)
The frequency of high-severity Chromium flaws has increased 42% year-over-year according to NIST data.
Future Outlook
Security researchers predict:
- More WebGPU-related vulnerabilities will emerge
- Browser sandbox escape techniques will evolve
- Enterprise browser security solutions will gain importance
Microsoft's Edge team is working on "Super Duper Secure Mode" (SDSM) to mitigate such threats through advanced memory protection techniques.
Additional Resources
For technical details, refer to: