Browser 0-days on Linux?

airchie

Member
Nov 9, 2020
I was just thinking about some proposals at work for securing things a bit more and something popped into my head.
Do browser 0-day vulnerabilities affect all OSes equally?

Seems to me that we often hear about the vulnerabilities giving you "system" privs but never "root".
Or allowing attackers an RCE opportunity but would it allow the execution of code on a Linux machine also?

Seems to me that at least some of the browser 0-days would be ineffectual in Linux?
 
Your expectation is correct.
The shared browser code would lead to a vulnerability inside the browser regardless of the platform. But if that code is platform-specific, it shouldn’t cross platforms.
 
Upvote 0
Yes, the errors are going to be common in a lot of cases, though with Linux you do at least have the different environment that is going to slow things down, as most exploits will be aimed at the majority OS, which gives the best return. But they also will be exploitable, and will be able to execute code in the browser process itself on x86 processors, so can still do damage. However they will be limited to the user permissions, so while your data is in danger, the actual OS is safe.

Best though is to update regularly, and often, as soon as the typical version presents the option, and keep up to date, have backups, and of course avoid dodgy sites and adverts. The most common drive-by is to buy an ad legitimately, and simply have the server that contains it serve up the malware in addition to the ad script for either regional, or random requests, or after a certain time to keep the ad supplier from seeing the malware payload.
 
Upvote 0
Well, you might use JavaScript to escape the browser sandbox, but then the value of JavaScript ends and you need to run shellcode targeted at a specific target OS. Windows is probably the most frequent target because it is in the biggest installed base.
 
Upvote 0