Google have recently fixed numerous security bugs in their Chrome browser. These Chrome bugs include two serious vulnerabilities as well as a zero-day flaw under active exploit. Chrome Zero-Day Under Exploit Researcher Clement Lecigne of Google’s Threat Analysis Group discovered a zero-day bug in the Chrome browser under active exploit. The vulnerability, CVE-2020-6418, was a type confusion flaw in V8 – a Chrome component that processes JavaScript code. Google labeled it a high-severity flaw in their advisory, what makes it serious is its exploitation in the wild. Though, Google hasn’t shared details about how the attackers are exploiting the bug. Yet, they confirm the zero-day is under attack. Other than this zero-day, Google also revealed two other bugs in the Chrome browser. These include two high-severity bugs for which, Google hasn’t hinted of any active exploitation. One of these caught the attention of Google Project Zero’s Sergei Glazunov. Google described it as an Out of bounds memory access in streams (CVE-2020-6407). The other vulnerability caught Google’s attention after researcher André Bargull reported it. This vulnerability, an integer overflow in the ICU component, the researcher was awarded a $5000 bounty. Google Released Patches Recently, Google has patched all the three flaws and released fixes with the latest Chrome version 80.0.3987.122. As the tech giant rolls out the updates, users must ensure their devices are updated to avoid any issues. This is particularly important considering the active exploitation of the zero-day. The present zero-day marks the third major vulnerability that caught the hackers’ attention before a fix. The first of these (CVE-2019-5786) surfaced online in March 2019. The attackers exploited this use after free flaw to target Windows 7. Whereas, the second vulnerability, another use after free flaw (CVE-2019-13720), appeared online in November 2019.
Friday, 28 February 2020
Home
/
Cyber Attack
/
Cyber Security News
/
Hacking News
/
Vulnerabilities
/
Google Patch Serious Chrome Bugs Including A Zero-Day Under Active Exploit
Google Patch Serious Chrome Bugs Including A Zero-Day Under Active Exploit
About Er. Anil Kumar
Tech News is a blogger resources site is a provider of high quality blogger with premium looking layout and robust design. The main mission of templatesyard is to provide the best quality blogger resourses.
Vulnerabilities
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment