{"id":5959,"date":"2024-01-18T22:15:24","date_gmt":"2024-01-18T21:15:24","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=5959"},"modified":"2024-01-18T22:15:24","modified_gmt":"2024-01-18T21:15:24","slug":"chrome-120-ranjivost-cve-2024-0519","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2024\/01\/18\/chrome-120-ranjivost-cve-2024-0519\/","title":{"rendered":"Chrome 120 ranjivost: CVE-2024-0519"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">Kompanija <em>Google<\/em> je objavila hitno a\u017euriranje <em>Chrome 120<\/em> ranjivost na <em>Windows<\/em>, <em>Linux<\/em> i <em>macOS<\/em> operativnim sistemima. Objavljeno a\u017euriranje je bezbjednosni odgovor na nekoliko veoma ozbiljnih\u00a0 ranjivosti, od kojih se jedna ve\u0107 aktivno iskori\u0161tava. Ranjivost koja se aktivno iskori\u0161tava je ozna\u010dena kao <em>CVE-2024-0519<\/em> i omogu\u0107ava pristup memoriji van ograni\u010denja <em>Chrome<\/em> <em>JavaScript<\/em> mehanizma. Ranjivost je anonimno prijavljena 11. januara 2024. godine.<\/span><\/p>\n<div id=\"attachment_5962\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-5962\" class=\"size-full wp-image-5962\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/01\/Google-Chrome-Browser.jpg\" alt=\"Chrome\" width=\"1024\" height=\"1024\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/01\/Google-Chrome-Browser.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/01\/Google-Chrome-Browser-300x300.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/01\/Google-Chrome-Browser-150x150.jpg 150w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/01\/Google-Chrome-Browser-768x768.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/01\/Google-Chrome-Browser-12x12.jpg 12w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/01\/Google-Chrome-Browser-80x80.jpg 80w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/01\/Google-Chrome-Browser-320x320.jpg 320w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-5962\" class=\"wp-caption-text\"><em>Chrome 120 ranjivost: CVE-2024-0519; Source: Bing Image Creator<\/em><\/p><\/div>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Sadr\u017eaj<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ffffff;color:#ffffff\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ffffff;color:#ffffff\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewbox=\"0 0 24 24\" version=\"1.2\" baseprofile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/sajberinfo.com\/en\/2024\/01\/18\/chrome-120-ranjivost-cve-2024-0519\/#CHROME_RANJIVOST_CVE-2024-0519\" >CHROME RANJIVOST CVE-2024-0519<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/sajberinfo.com\/en\/2024\/01\/18\/chrome-120-ranjivost-cve-2024-0519\/#ISPRAVKE_U_CHROMIUM_BAZIRANIM_PREGLEDACIMA\" >ISPRAVKE U CHROMIUM BAZIRANIM PREGLEDA\u010cIMA<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/sajberinfo.com\/en\/2024\/01\/18\/chrome-120-ranjivost-cve-2024-0519\/#ZAKLJUCAK\" >ZAKLJU\u010cAK<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/sajberinfo.com\/en\/2024\/01\/18\/chrome-120-ranjivost-cve-2024-0519\/#ZASTITA\" >ZA\u0160TITA<\/a><\/li><\/ul><\/nav><\/div>\n\n<h2><span class=\"ez-toc-section\" id=\"CHROME_RANJIVOST_CVE-2024-0519\"><\/span><span style=\"font-size: 14pt;\"><strong><em>CHROME<\/em> RANJIVOST <em>CVE-2024-0519<\/em><\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">Ranjivost <em>CVE-2024-0519<\/em> je problem sa pristupom memoriji van granica\u00a0 <em>Chrome<\/em> <em>V8<\/em> <em>JavaScript<\/em> mehanizmu. Iskori\u0161tavanje ove ranjivosti <a href=\"https:\/\/sajberinfo.com\/en\/2022\/03\/19\/hakeri-crni-sesiri-epizoda-3\/\" target=\"_blank\" rel=\"nofollow noopener\">napada\u010dima<\/a> omogu\u0107ava:<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 14pt;\">Mogu\u0107nost dobijanja podacima, potencijalna mogu\u0107nost kra\u0111e osjetljivih podataka kao \u0161to su <a href=\"https:\/\/sajberinfo.com\/en\/2019\/02\/24\/lozinka-password-sifra\/\" target=\"_blank\" rel=\"nofollow noopener\">lozinke<\/a>, finansijske informacije i istorija pretra\u017eivanja,<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Iskori\u0161tavanje pristupa za preuzimanje sistema i njegova zloupotreba u zlonamjerne svrhe, kao \u0161to je \u0161irenje <a href=\"https:\/\/sajberinfo.com\/en\/2021\/09\/26\/malware\/\" target=\"_blank\" rel=\"nofollow noopener\">zlonamjernog softvera<\/a> i pokretanje koordinisanih napada na druge korisnike,<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Ometanje funkcionalnosti ure\u0111aja korisnika, \u010dine\u0107i ga neupotrebljivim ili izazivaju\u0107i zastoje.<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"font-size: 14pt;\"><em>\u201cStabilni kanal je a\u017euriran na 120.0.6099.234 za Mac i 120.0.6099.224 za Linux i 120.0.6099.224\/225 za Windows koji \u0107e se pojaviti u narednim danima\/nedjeljama. Google je svjestan izvje\u0161taja da eksploatacija za CVE-2024-0519 postoji u divljini.\u201d<\/em><\/span><\/p>\n<p style=\"text-align: right;\"><span style=\"font-size: 14pt;\"><em>\u00a0<\/em><\/span><span style=\"font-size: 14pt;\"><em>&#8211; <\/em><a href=\"https:\/\/chromereleases.googleblog.com\/2024\/01\/stable-channel-update-for-desktop_16.html\" target=\"_blank\" rel=\"noopener\"><em>Release updates from the Chrome team<\/em><\/a><em> &#8211;<\/em><\/span><\/p>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ISPRAVKE_U_CHROMIUM_BAZIRANIM_PREGLEDACIMA\"><\/span><span style=\"font-size: 14pt;\"><strong>ISPRAVKE U <em>CHROMIUM<\/em> BAZIRANIM PREGLEDA\u010cIMA<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\"><em>Microsoft<\/em> <em>Edge<\/em> je pregleda\u010d zasnovan na <em>Chromium<\/em> k\u00f4du, pa ova ranjivost uti\u010de i na njega. Iz kompanije <em>Microsoft<\/em> su objavili da rade na sigurnosnoj ispravci za ovu ranjivost.<\/span><\/p>\n<blockquote><p><span style=\"font-size: 14pt;\"><em>\u201cVredi naglasiti da pobolj\u0161ana funkcija sigurnosnog re\u017eima (eng. enhanced security mode) Microsoft Edge ubla\u017eava ovu ranjivost. Mo\u017eete da se uklju\u010dite u ova bezbjednosna funkcija i budite mirni da vas Microsoft Edge \u0161titi od ovog ranjivosti.\u201d<\/em><\/span><\/p>\n<p style=\"text-align: right;\"><span style=\"font-size: 14pt;\"><em>\u00a0<\/em><\/span><span style=\"font-size: 14pt;\"><em>&#8211; <\/em><a href=\"https:\/\/learn.microsoft.com\/en-us\/deployedge\/microsoft-edge-relnotes-security#january-16-2024\" target=\"_blank\" rel=\"noopener\"><em>Microsoft<\/em><\/a><em> &#8211;<\/em><\/span><\/p>\n<\/blockquote>\n<p><span style=\"font-size: 14pt;\">Drugi popularni pregleda\u010di zasnovani na <em>Chromium<\/em> k\u00f4du kao \u0161to su <em>Brave<\/em>, <em>Opera<\/em> i <em>Vivaldi<\/em>\u00a0 c\u0301e vjerovatno uskoro objaviti ispravke.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ZAKLJUCAK\"><\/span><span style=\"font-size: 14pt;\"><strong>ZAKLJU\u010cAK<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">Kompanija <em>Google<\/em> je primjenjuju\u0107i svoj dobro poznati oprez, zadr\u017eala tehni\u010dke karakteristike ove ranjivosti kako bi ograni\u010dila mogu\u0107nosti napada\u010da da razviju na\u010dine za iskori\u0161tavanje ranjivosti. Ono \u0161to je kompanija <em>Google<\/em> ve\u0107 potvrdila, to je da se ranjivost ve\u0107 aktivno iskori\u0161tava. Nedostatak detalja vezanih za ovu ranjivost dodatno pove\u0107ava va\u017enost a\u017euriranja i nagla\u0161ava\u00a0 ozbiljnost prijetnje.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ZASTITA\"><\/span><span style=\"font-size: 14pt;\"><strong>ZA\u0160TITA<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">Kako bi se korisnici za\u0161titili od potencijalnih napada, potrebno je da a\u017euriraju sve instalacije <em>Google<\/em> <em>Chrome<\/em> pregleda\u010da na najnoviju verziju \u0161to je prije mogu\u0107e:<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 14pt;\">Verzija <em>120.0.6099.234<\/em> za <em>Mac<\/em>,<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Verzija <em>120.0.6099.224<\/em> za <em>Linux<\/em>,<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Verzija <em>120.0.6099.224\/225<\/em> za <em>Windows<\/em>.<\/span><\/li>\n<\/ul>","protected":false},"excerpt":{"rendered":"<p>Kompanija Google je objavila hitno a\u017euriranje Chrome 120 ranjivost na Windows, Linux i macOS operativnim sistemima. Objavljeno a\u017euriranje je bezbjednosni odgovor na nekoliko veoma ozbiljnih\u00a0 ranjivosti, od kojih se jedna ve\u0107 aktivno iskori\u0161tava. Ranjivost&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":5962,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[149,684,347,141,144,241,143],"class_list":["post-5959","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-chrome","tag-cve-2024-0519","tag-google","tag-linux","tag-macos","tag-microsoft-edge","tag-windows"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/5959","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=5959"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/5959\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/5962"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=5959"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=5959"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=5959"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}