PuzzleMaker attacks with Chrome zero-day exploit chain
released on 2021-06-09 @ 09:24:35 AM
Detected a wave of highly targeted attacks against multiple companies. Analysis revealed that all these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits. Microsoft assigned CVE-2021-31955 to the information disclosure vulnerability and CVE-2021-31956 to the elevation of privilege vulnerability. Both vulnerabilities were patched on June 8, 2021, as a part of the June Patch Tuesday.