Install the latest Chrome update to patch the 0-day bug from active attacks



Google released a new software-critical update yesterday for its Chrome Web browser for Windows, Ios, and Linux users over the coming days. The last Chrome 80.0.3987.122 provides security fixes for three new vulnerabilities, all labelled' HIGH,' one of them allegedly exploited in the wild (CVE-2020-6418).

The vulnerability of the integer overflow was disclosed to Google privately by André Bargull last week, winning $5,000 in bonuses, while Google security experts found the two other vulnerabilities, CVE-2020-6407 and CVE-2020-6418.

Google said that the V8 JavaScription rendering engine is being actively operated by CVE-2020-6418 that results from a confound type error, although technical information is limited at the moment about the vulnerability.

The search giant did not reveal further vulnerability information to give affected users time to install the update to Chrome and avoid hackers to take advantage of the vulnerability.

A successful use of integer overflow or outbound write flaws may allow a remote attacker to compromise the vulnerable system, tricking the user to visit a website that uses the exploit to execute  code on the target computer.

The most recent version of Chrome is recommended to be downloaded by users from the settings menu for Windows, Linux and macOS, by moving to Helps > "About Chrome."


0 Comments

Post a Comment

Post a Comment (0)

Previous Post Next Post