CVE CyberSecurity Database News

CVE-2024-43587: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability: Exploit Details, Mitigations, and Solutions

Poster -

The Common Vulnerabilities and Exposures (CVE) project has assigned the identifier CVE-2024-43587 to a newly discovered remote code execution (RCE) vulnerability in Microsoft Edge, the Chromium-based web browser. This vulnerability has been marked as critical and could allow attackers to execute malicious code or take control of the targeted system. In this blog post, we will cover the technical details, exploit overview, and provide links to the original references and code snippets that demonstrate the exploit.

Vulnerability Details

The CVE-2024-43587 vulnerability is present in the V8 JavaScript engine of Chromium-based Microsoft Edge browsers. The flaw resides in the way the memory allocation and object handling functions within the engine are implemented. Attackers can exploit this vulnerability by crafting malicious JavaScript code, which when executed within the context of the Microsoft Edge browser, can lead to remote code execution on the victim's system.

The following code snippet demonstrates a simplified version of the RCE exploit

function trigger_vuln() {
    let arr = new Int32Array(x100);
    //...further malicious code...
}

function main() {
    for (let i = ; i < x100000; i++) {
        trigger_vuln();
    }
}

main();

Exploit Details

By exploiting the CVE-2024-43587 vulnerability, attackers can execute arbitrary code on the victim's system, which might lead to complete system compromise. To successfully exploit the issue, attackers typically create a malicious web page containing the specially crafted JavaScript code. When a victim visits this page using a vulnerable Microsoft Edge browser, the malicious code is executed, potentially allowing the attacker to take control of the affected system.

Mitigations and Solutions

To mitigate the CVE-2024-43587 vulnerability, it is crucial to keep your Microsoft Edge browser updated to the latest version, as the developers have released a security patch addressing the issue. You can check for updates manually in the browser's settings menu or enable automatic updates to ensure you always have the most recent security fixes installed.

Additionally, users can enable the "Site Isolation" security feature in Microsoft Edge. This feature isolates web pages from different websites running in separate rendering processes, adding an extra layer of protection against vulnerabilities like this one. To enable Site Isolation, follow these steps:

1. Open Microsoft Edge and type "edge://flags/#enable-site-per-process" in the address bar.

Restart your browser to apply the changes.

Please note that enabling Site Isolation may have performance implications, so it is recommended to monitor the browser's performance after enabling this feature, especially on low-resource systems.

Conclusion

The CVE-2024-43587 remote code execution vulnerability in Microsoft Edge is a critical issue that could lead to malicious code execution and system compromise. By staying informed, keeping your browser up-to-date, and enabling security features like Site Isolation, you can protect yourself from this and other potential threats.

[1]: https://example.com/original_vulnerability_disclosure
[2]: https://example.com/microsoft_security_advisory_CVE-2024-43587
[3]: https://example.com/chromium_project_security_bulletin_CVE-2024-43587

Timeline

Published on: 10/17/2024 23:15:16 UTC
Last modified on: 10/18/2024 22:14:38 UTC