....unless you want to be infected by something other than Covid. Somebody call the exterminators! 🐜
What it is
The zero-day in question is CVE-2021-21148, a "heap overflow" memory corruption bug in the V8 JavaScript engine. It was identified in the wild by security researcher Mattias Buelens. Not long after Mr. Buelens made this information public, Google's security team released information about government-sponsored cyber attacks from North Korea targeting members of the security community. Social engineering tactics lured researchers to blogs disguised as collaboration projects, only to exploit their browser zero-days and infect their machines.
Coincidence? Perhaps. Security researchers have raised their suspicion, but it remains to be seen what details Google will provide.
Why you should care
Any time an unpatched vulnerability is being exploited in the wild, the risk of data loss and cyber theft increases exponentially. With a hugely popular application like Chrome (who many are probably using right now to read this), it's wise to update bug fixes as soon as they are released.
But what if I can't patch right now?
I'm glad you asked! In this situation, you're kinda stuck between a rock and a hard place, right? You're still a week out from your next patching cycle; heck, you may even have a bunch of machines that you just can't patch right now. So who do you call?
PATCHBUSTERS!
Topia protects your applications' vulnerable memory space from any impersonation or injection attempts. So while you're waiting for the go-ahead to deploy those patches, Topia keeps a careful watch for any monkey business in your network—and shuts it down.
It's a nice way to lower your stress levels 😉