<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1626328370711236&amp;ev=PageView&amp;noscript=1">
Blog-Hero.jpg

blog

The Web Browser Risk Landscape

Jul 27, 2017 01:42:44 PM

iStock-184146944 600x300.jpg

Whilst working with a customer on a web isolation project over the past two weeks, I was passed on a query based on a report published by Recorded Future in December 2016. The report was a summary of what were the popular vulnerabilities used in exploit kits by attackers in 2016 (source: RecordedFuture).

What the customer asked us was: How would the Menlo Isolation platform deal with the exploits highlighted in the report?

All 10 vulnerabilities happened to be web-based browser vulnerabilities in 2016.

What was of no surprise to us, but was welcomed by the customer, was that we could demonstrate that the Menlo Security platform provides 100% prevention from infections across all the top 10 vulnerabilities of 2016 mentioned in the report. Every vulnerability on the list below would have been mitigated at time of writing, and if in use still today (as many old vulnerabilities are), would be mitigated using the Menlo Security Isolation Platform (MSIP).

Screen Shot 2017-07-27 at 1.40.41 PM.png

Of note, CVE-2015-7645 was used by a huge number of exploit kits from Angler, Rig through to Neutrino, which as a cross OS-platform Flash vulnerability would be mitigated by the Menlo platform. At Menlo Security, we are unique in converting Flash video into safe video content, ensuring the user gets safe content without risk of browser compromise, but still providing safe access to content.

All exploits rely on two key steps: Leverage a vulnerability to corrupt the memory of the application (e.g. a buffer overflow or use-after-free bug), and leverage control over the memory state of the client to hijack execution flow and execute attacker controlled code.

Since no JavaScript is executed by the client browser, attackers cannot control client memory state and exploits will fail to execute their malicious payload.

The key message to highlight here is that, whether they be known or unknown vulnerabilities that are being exploited, the Menlo Security Isolation Platform can provide real value to organisations and provide protection against ransomware, malvertising, and other forms of web-based malware infection vectors.

Jason Steer
Written by Jason Steer

Connect with us

Lists by Topic

see all

Recent Posts