0-day Bug – Update Chrome Now!

Forums Networking & Cybersecurity General Cybersecurity Discussions 0-day Bug – Update Chrome Now!

  • Post
    Hey guys,

    Saw this article in hacker news

    Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today.

    With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which attackers are actively exploiting in the wild to hijack computers.

    Without revealing technical details of the vulnerability, the Chrome security team only says that both issues are use-after-free vulnerabilities, one affecting Chrome’s audio component (<b>CVE-2019-13720</b>) while the other resides in the PDFium (<b>CVE-2019-13721</b>) library.

    The use-after-free vulnerability is a class of memory corruption issues that allows corruption or modification of data in the memory, enabling an unprivileged user to escalate privileges on an affected system or software.

    Thus, both flaws could enable remote attackers to gain privileges on the Chrome web browser just by convincing targeted users into visiting a malicious website, allowing them to escape sandbox protections and run arbitrary malicious code on the targeted systems.
    <h2>Google Chrome Zero-Day Under Active Attacks</h2>
    Discovered and reported by Kaspersky researchers Anton Ivanov and Alexey Kulaev, the audio component issue in the Chrome application has been found exploited in the wild, though it remains unclear at the time which specific group of hackers.c


    • This topic was modified 1 year, 2 months ago by pkillpeers.
    • This topic was modified 1 year, 2 months ago by pkillpeers.
  • You must be logged in to reply to this topic.