国内报道: https://cert.360.cn/warning/detail?id=aae853e42516f5f069a87d250df69c6c
测试代码: https://github.com/r4j0x00/exploits/tree/master/chrome-0day
该漏洞已验证,目前 Google 只针对该漏洞发布了 beta 测试版 Chrome ( 90.0.4430.70 )修复,Chrome 正式版( 89.0.4389.114 )仍存在漏洞,360CERT 建议广大用户关注官方 Chrome 正式版更新,及时修补漏洞。与此同时,请做好资产自查以及预防工作,以免遭受黑客攻击。
不过这个漏洞并不能单独生效,需要配合类似沙箱逃逸这样的漏洞使用,想体验的可以让 Chrome 运行在 --no-sandbox 情况下,会发现计算器弹出来。
the good thing is that Agarwal's zero-day cannot currently escape the browser's sandbox. For Agarwal's zero-day RCE exploit to work, it would need to be chained with another vulnerability that can allow the exploit to escape the Chromium sandbox.
Select Language