Remote Code Execution Flaw in the Electron Framework

A protocol handler vulnerability was discovered in Electron, a popular software framework that allows developers to create cross-operating system applications using basic web technologies and used by a number of applications including Signal, Skype, and Slack. Successful exploitation of the vulnerability, which only affects Windows applications, could allow a remote threat actor to execute malicious code on the affected systems. While Electron has patched the vulnerability with the release of versions 1.8.2-beta.4, 1.7.11, and 1.6.16, developers will need to push updates to end-users after applying the necessary patch. A temporary workaround is available for app developers who cannot immediately update their applications and Microsoft has added support for detecting exploit attempts on systems running Windows Defender. The NJCCIC recommends app developers using the Electron framework review Electron’s post and apply the update or workaround as soon as possible. End-users are encouraged to review the list of applicationsusing the framework and apply any necessary updates when available.

AdvisoryNJCCICElectron