Google Address Two More Chrome Zero-Day Vulnerabilities

  •  
  •  
  •  
  • 1
  •  
  •  
  •  
    1
    Share

Continuing the trail of urgent fixes, Google has now disclosed two more zero-day vulnerabilities in Chrome. Since the patches are out, make sure to update your Chrome browsers ASAP.

Two More Chrome Zero-Day Vulnerabilities

This week, Google has addressed two more zero-day vulnerabilities affecting the Chrome browser.

Once again, the researchers haven’t disclosed any explicit details about the bugs. Yet, they have confirmed that the bugs remain under active attack before receiving a fix.

However, they have briefly stated about the bugs in their post announcing the Chrome 86.0.4240.198 stable release.

Specifically, the first of these is an inappropriate implementation in the V8 component of the browser (CVE-2020-16013).

Recently, Google has also addressed a zero-day affecting the V8 component (CVE-2020-16009) that was a type confusion flaw.

Whereas, the second vulnerability, CVE-2020-16017, was a use-after-free flaw affecting the site isolation feature of the browser.

Google has labeled both these bugs reported by Anonymous reporters as high-severity flaws. It hasn’t announced a precise bounty for these reports.

Yet, Google confirmed the exploitation of the bugs in the wild.

Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild.

Update Chrome Now

Given the active exploitation of the two flaws and the availability of fix with the latest Chrome release, all users must ensure updating their respective devices to the latest version 86.0.4240.198.

Although, the update will automatically reach the devices. However, users can also manually update their browsers to ensure a quick fix.

Follow this path to update the browser: Menu > Help > About Google Chrome. If an update is available, click to install it.

While the present bugs do not specifically impact Android users, Google has already addressed a zero-day impacting Chrome for Android a week ago.

On a side note, Microsoft has also addressed the zero-day affecting Windows Kernel that Google researchers reported recently. The patch is now available with the November Patch Tuesday updates. Hence, all Windows users should also update their systems at the earliest.

The following two tabs change content below.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

One thought on “Google Address Two More Chrome Zero-Day Vulnerabilities

  • November 19, 2020 at 8:14 am
    Permalink

    Thanks for sharing your knowledge. I’m sure it will help me in improving my targeted audience in PPC Services and promote my business effectively. Your blog is very great and helpful for PPC tips.

Comments are closed.

Do NOT follow this link or you will be banned from the site!