
Isolation protects you from threats that haven’t even been discovered

Another day, another validation that Internet isolation really is the best cybersecurity protection out there.

Last week, Google released an urgent Chrome update to patch an actively exploited zero-day known as CVE-2019-13720, a use-after-free memory corruption bug in the browser's audio component that allows a threat actor to access memory after it has been freed. This lets an attacker crash a program, execute arbitrary code, or even achieve full remote code execution. Pretty serious stuff that should worry even the most secure enterprises.

Everyone, that is, except enterprises protected by the Menlo Cloud Security Platform powered by Internet isolation. You see, even though the exploit was only recently discovered and patched by Google, organizations that isolate web traffic in our Cloud Security Platform have always been protected, simply by our isolate-or-block approach.

The flaw requires calling an audio-related API from JavaScript, but when the JavaScript is executed in an isolated browser in the cloud, it is unable to call the API on the client side.

But wait, isn’t Menlo’s isolated browser Chromium based? And doesn’t that mean the audio API is vulnerable in Menlo’s isolated browser as well?

Yes, but the Menlo Cloud Security Platform runs on Linux, so the second step in the in-the-wild exploit chain is not applicable. Without another vulnerability that allows the JavaScript to escape the sandbox, CVE-2019-13720 has no ability to reach users’ devices. Even so, we have already released an update to our cloud platform.

Enterprises that continue to rely solely on a detect-and-respond approach to cybersecurity are pressing their luck. In the time it took Google to identify and patch the vulnerability, threat actors could have penetrated their defenses and done real damage. Why wait for exploits to be found and patched? Why not simply assume that all web content is risky and isolate it in the cloud far from your users’ devices?

Why take the risk? Especially when there’s already a solution that protects enterprises from unknown vulnerabilities—the Menlo Cloud Security Platform.


*** This is a Security Bloggers Network syndicated blog from Menlo Security Blog authored by Mehul Patel. Read the original post at: https://www.menlosecurity.com/blog/isolation-protects-you-from-threats-that-havent-even-been-discovered