CVE-2024-7005
📋 TL;DR
This vulnerability in Google Chrome's Safe Browsing feature (insufficient validation of untrusted input, rated Medium severity by Chromium) lets a remote attacker who convinces a user to perform specific UI gestures on a malicious file bypass discretionary access control. It affects Chrome builds earlier than 127.0.6533.72; the fix shipped in the stable channel release of 23 July 2024. The attack cannot be triggered remotely on its own: it requires user interaction and therefore social engineering.
💻 Affected Systems
- Google Chrome
- Chromium-based browsers that have not yet rebased on a Chromium 127 release containing the fix (each vendor ships it on its own schedule)
📦 What is this software?
Chrome by Google
Google Chrome is the world's most popular web browser, used by over 3 billion users globally across Windows, macOS, Linux, Android, and iOS platforms. As a Chromium-based browser developed by Google, Chrome dominates the browser market with approximately 65% market share, making it a critical compon...
⚠️ Risk & Real-World Impact
Worst Case
An attacker who gets a user to perform the required UI gestures on a malicious file could bypass the access-control check Safe Browsing is meant to enforce, so the file is handled without the authorization the user would normally have to give. The follow-on impact depends on what that file does once it is on the system, up to data theft or system compromise.
Likely Case
A limited access-control bypass that requires specific user interaction, most likely used in targeted attacks where the attacker can persuade a particular individual to handle an attacker-supplied file.
If Mitigated
No impact once Chrome is updated to 127.0.6533.72 or later. Before that, the bug is only reachable if a user handles an attacker-supplied file and performs the required gestures.
🎯 Exploit Status
Exploitation requires convincing a user to perform specific UI gestures on a malicious file, which adds social-engineering complexity. No public exploit details are referenced here.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 127.0.6533.72
Vendor Advisory: https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html
Restart Required: Yes
Instructions:
1. Open Chrome
2. Click the three-dot menu → Help → About Google Chrome
3. Chrome will automatically check for and install updates
4. Click 'Relaunch' to restart with the patched version
🔧 Temporary Workarounds
Neither workaround fixes the flaw; they only reduce the chance that a user ends up handling an attacker-supplied file before Chrome is updated.
Ask where to save each file
Configure Chrome to prompt for a location instead of saving downloads silently, so an unexpected download is visible to the user
chrome://settings/downloads → Enable "Ask where to save each file before downloading"
Enable Enhanced Safe Browsing
Provides additional protection against malicious files and websites (note that the vulnerable component is Safe Browsing itself, so this raises the bar but is not a fix)
chrome://settings/security → Enable Enhanced protection
🧯 If You Can't Patch
- Use alternative browsers until Chrome can be updated
- Implement application allowlisting so that files saved by the browser cannot be executed
🔍 How to Verify
Check if Vulnerable:
Check Chrome version in Settings → About Chrome. If version is below 127.0.6533.72, system is vulnerable.
Check Version:
chrome://version/ (on Chrome) or google-chrome --version (command line)
Verify Fix Applied:
Confirm Chrome version is 127.0.6533.72 or higher in Settings → About Chrome.
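The version checks above compare four-part version numbers, which must be done numerically rather than as strings (127.0.6533.7 is older than 127.0.6533.72, but sorts after it as text). The following script is an added example, not code from this page or from Google: it parses the output of the page's `google-chrome --version` check and decides whether a build predates the fix. The `installed_version` helper assumes the binary is named `google-chrome` and is on PATH (Linux); the version strings in `__main__` are constructed samples.

```python
"""Version gate for CVE-2024-7005 (added example, not from the advisory)."""
import re
import subprocess
from typing import Optional, Tuple

# First fixed build from the vendor advisory.
FIXED_VERSION = (127, 0, 6533, 72)

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    """Extract a four-part Chrome version from text such as
    'Google Chrome 127.0.6533.72' or 'Chromium 126.0.6478.182'.
    Returns None when no version is present."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def is_vulnerable(version_text: str) -> bool:
    """True when the build predates the fix. Tuple comparison is numeric
    per component, so 127.0.6533.7 < 127.0.6533.72 is handled correctly.
    Raises ValueError on input with no version in it, rather than
    silently reporting 'fixed'."""
    v = parse_version(version_text)
    if v is None:
        raise ValueError(f"no Chrome version found in {version_text!r}")
    return v < FIXED_VERSION


def installed_version(binary: str = "google-chrome") -> Optional[str]:
    """Run `<binary> --version` (the check described on this page) and return
    its raw output, or None if the binary is not installed. The binary name
    is an assumption; on macOS and Windows the executable name and location
    differ."""
    try:
        out = subprocess.run(
            [binary, "--version"], capture_output=True, text=True, check=False
        )
    except FileNotFoundError:
        return None
    return out.stdout.strip() or None


if __name__ == "__main__":
    # Constructed samples standing in for `google-chrome --version` output.
    samples = [
        "Google Chrome 126.0.6478.182",
        "Google Chrome 127.0.6533.72",
        "Chromium 127.0.6533.7",
    ]
    for s in samples:
        print(f"{s}: {'VULNERABLE' if is_vulnerable(s) else 'fixed'}")
    live = installed_version()
    if live:
        print(f"installed: {live}: {'VULNERABLE' if is_vulnerable(live) else 'fixed'}")
```

Pipe the output of whatever inventory tool you already have (package manager, EDR software inventory) through `is_vulnerable` to get the same yes/no across a fleet instead of eyeballing Settings → About Chrome per machine.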
📡 Detection & Monitoring
Log Indicators:
- Chrome processes touching files outside the normal download locations (these indicators are generic and noisy; Chrome reading and writing its own profile and the Downloads folder is normal)
- Repeated failed file access attempts from Chrome processes
Network Indicators:
- Downloads from untrusted sources followed shortly by unusual file system activity on the same host
SIEM Query (pseudo-query; map the field names and the sensitive_directories list to your own schema):
process_name:"chrome.exe" AND (event_type:"file_access" OR event_type:"process_creation") AND target_file_path CONTAINS sensitive_directories
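The pseudo-query above is vendor-neutral; the script below is an added example (not from this page or any SIEM product) that renders the same logic in Python over constructed NDJSON events and adds the page's network indicator as a correlation: a matching event is tagged with the most recent Chrome download on the same host within a five-minute window. The event schema (`ts`, `host`, `process_name`, `event_type`, `target_file_path`, `source_url`), the `SENSITIVE_DIRS` list and the sample log are all assumptions to be replaced with the environment's real telemetry.

```python
"""Detection for the CVE-2024-7005 indicators (added example, constructed data)."""
import json
from datetime import datetime, timedelta
from typing import Dict, List

# Assumed list of paths a browser process should not be touching; tune per estate.
SENSITIVE_DIRS = ("/etc/", "/root/", "/.ssh/", "\\windows\\system32\\", "\\appdata\\roaming\\")
CHROME_PROCESSES = {"chrome.exe", "chrome", "google-chrome", "chromium"}

# Constructed sample events in NDJSON, standing in for EDR/Sysmon telemetry.
SAMPLE_LOG = """\
{"ts":"2024-07-24T10:00:00Z","host":"ws01","process_name":"chrome.exe","event_type":"download","source_url":"http://files.example.invalid/offer.pdf","target_file_path":"C:\\\\Users\\\\a\\\\Downloads\\\\offer.pdf"}
{"ts":"2024-07-24T10:01:30Z","host":"ws01","process_name":"chrome.exe","event_type":"file_access","target_file_path":"C:\\\\Users\\\\a\\\\AppData\\\\Roaming\\\\Microsoft\\\\Windows\\\\Start Menu\\\\Programs\\\\Startup\\\\x.lnk"}
{"ts":"2024-07-24T10:02:00Z","host":"ws02","process_name":"chrome.exe","event_type":"file_access","target_file_path":"C:\\\\Users\\\\b\\\\Downloads\\\\report.xlsx"}
{"ts":"2024-07-24T11:30:00Z","host":"ws03","process_name":"chrome","event_type":"process_creation","target_file_path":"/etc/cron.d/update"}
{"ts":"2024-07-24T11:31:00Z","host":"ws03","process_name":"explorer.exe","event_type":"file_access","target_file_path":"C:\\\\Windows\\\\System32\\\\drivers\\\\etc\\\\hosts"}
"""


def parse_ts(s: str) -> datetime:
    """ISO-8601 with a trailing Z; rewritten so older Pythons parse it."""
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


def is_chrome_event(e: dict) -> bool:
    return e.get("process_name", "").lower() in CHROME_PROCESSES


def touches_sensitive_path(path: str) -> bool:
    p = path.lower()
    return any(d in p for d in SENSITIVE_DIRS)


def matches_query(e: dict) -> bool:
    """Python rendering of the page's SIEM pseudo-query."""
    return (
        is_chrome_event(e)
        and e.get("event_type") in ("file_access", "process_creation")
        and touches_sensitive_path(e.get("target_file_path", ""))
    )


def find_suspicious(ndjson: str, window: timedelta = timedelta(minutes=5)) -> List[dict]:
    """Return one alert per event matching the query, each tagged with the
    source URL of the latest Chrome download on that host inside `window`
    (the page's 'download followed by unusual activity' indicator), or None."""
    events = sorted(
        (json.loads(line) for line in ndjson.splitlines() if line.strip()),
        key=lambda e: e["ts"],
    )
    downloads_by_host: Dict[str, List[dict]] = {}
    alerts: List[dict] = []
    for e in events:
        if is_chrome_event(e) and e.get("event_type") == "download":
            downloads_by_host.setdefault(e["host"], []).append(e)
            continue
        if not matches_query(e):
            continue
        t = parse_ts(e["ts"])
        recent = [
            d for d in downloads_by_host.get(e["host"], [])
            if timedelta(0) <= t - parse_ts(d["ts"]) <= window
        ]
        alerts.append({
            "host": e["host"],
            "ts": e["ts"],
            "path": e["target_file_path"],
            "preceded_by_download": recent[-1]["source_url"] if recent else None,
        })
    return alerts


if __name__ == "__main__":
    for a in find_suspicious(SAMPLE_LOG):
        print(json.dumps(a))
```

Alerts that carry a `preceded_by_download` URL are the ones worth triaging first; a bare match on a sensitive path with no recent download is more often profile housekeeping than exploitation.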