Welcome to the

Bit Guardian Blog

Ad Guardian PlusNews

New Chrome 0-day bug, patched. Update your browser!

Google-Chrome-patched-for-two-major-vulnerabilities

Your Chrome browser needs urgent update! The latest version was released on Halloween night. Google is warning its billions of users to immediately install the update, in order to patch two high severity vulnerabilities. One of these was actively exploited to hijack computers.

The Chrome security team mentioned that both issues are use-after-free vulnerabilities (a class of memory corruption bug that can be leveraged by hackers to execute arbitrary code), one affecting Chrome’s audio component while the other resides in the PDFium (CVE-2019-13721) library.

Both flaws could enable remote attackers to gain privileges on the Chrome browser, just by convincing users to visit malicious websites. This would allow them to escape sandbox protections and run malicious code on the systems.

The audio component issue was discovered and reported by Anton Ivanov and Alexey Kylaev, two Kaspersky researchers.

Although Google admitted that “is aware of reports that an exploit for CVE-201913720 exists in the wild”, they mentioned that “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

The use-after-free issue has been one of the most common flaws discovered in the Chrome browser lately. A month ago, Google had to release an urgent security update for Chrome, to patch a total of four use-after-free vulnerabilities. The most severe one could allow remote hackers to take control of an affected system.

The newest vulnerabilities have been patched via the 78.0.3904.87 update, available for Windows, Mac, and Linux operating systems.

Related posts
Ad Guardian PlusNews

Google offices remain empty until July 2021, Sundar Pichai announced

Ad Guardian PlusNews

A Windows 10 update fixes Excel, File Explorer bugs and more

Ad Guardian PlusNews

New TikTok competitor comes from Facebook's Instagram

Ad Guardian PlusNews

Google to buy new users with its $10bn plan for India

Leave a Reply

Your email address will not be published. Required fields are marked *