Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
New Google Chrome version fixes actively exploited zero-day bug
#1
Quote:Google has released Chrome 86.0.4240.111 today, October 20th, 2020, to the Stable desktop channel to address five security vulnerabilities, one of them an actively exploited zero-day bug.


"Google is aware of reports that an exploit for CVE-2020-15999 exists in the wild," the Google Chrome 86.0.4240.111 announcement reads.

This version is rolling out to the entire userbase during the next days/weeks. Windows, Mac, and Linux desktop users can upgrade to Chrome 86 by going to Settings -> Help -> About Google Chrome.

The Google Chrome web browser will then automatically check for the new update and install it when available.

Freetype zero-day bug under active exploitation
"Project Zero discovered and reported an actively exploited 0day in freetype that was being used to target Chrome," said Ben Hawkes, technical team lead of Google's 'Project Zero' security research team.

"While we only saw an exploit for Chrome, other users of freetype should adopt the fix discussed here: https://savannah.nongnu.org/bugs/?59308 -- the fix is also in today's stable release of FreeType 2.10.4," Hawkes added.

The heap buffer overflow zero-day bug found in the popular FreeType text rendering library has been reported by Google Project Zero's Sergei Glazunov on October 19.

According to Glazunov's report, the vulnerability "exists in the function `Load_SBit_Png`, which processes PNG images embedded into fonts."
source : https://www.bleepingcomputer.com/news/se...o-day-bug/
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Google Chrome will stop working properly on millions of Windows PCs next week Imran 1 357 01-06-2023 , 05:46 PM
Last Post: Imran
  Update Google Announces a New Version of Google Chrome tarekma7 0 221 12-24-2022 , 04:24 PM
Last Post: tarekma7
  Update Google Chrome Mohammad.Poorya 40 13,187 10-19-2022 , 08:37 PM
Last Post: Martirosyan
  Google is now testing passkey support for Chrome and Android Imran 0 263 10-19-2022 , 11:45 AM
Last Post: Imran
  Google Chrome extensions can be fingerprinted to track you online Imran 0 895 06-20-2022 , 06:00 PM
Last Post: Imran

Forum Jump:


Users browsing this thread: 1 Guest(s)