Google Patches Actively Exploited Chrome Vulnerability

Google Chrome Update Patches Actively Exploited Zero-Day
Share It On:

October 1st, 2019, Kathmandu

Google, Inc. has rolled out a software update for its famous and most widely used Chrome web browser. The company appealed to all Windows, Mac and Linux users to upgrade to the latest version that is available from their website. Google released the updated chrome version as a preventive measure against hackers who look to exploit the vulnerable features of the web browser.

Chrome 77.0.3865.90 version is updated with security patches for three high-risk and one critical vulnerability. The worst-case scenario presented by the company claims that remote hackers could access the affected system via these risk factors. The company decided to keep track of the four dangerous secrets and allow more time for users to update their applications.

The chrome security team has said that all the risk factors are use-after-free issues in various parts of the web browser, and the critical case might lead to unauthorized access to a remote device with attacking mentality.

The vulnerabilities that were patched by Chrome 77.0.3865.90 are:

  • Use-after-free in UI (CVE-2019-13685) — Reported by Khalil Zhani
  • Use-after-free in offline pages (CVE-2019-13686) — Reported by Brendon Tiszka
  • Use-after-free in media (CVE-2019-13688) and Use-after-free in media (CVE-2019-13687)— Reported by Man Yue Mo of Semmle Security Research Team

The company has handed out $40,000 as rewards to Man Yue Mo of Semmle for the two vulnerabilities they reported.

With remote access codes, these risk factors would allow an attacker to execute specific laws in the browser itself by just getting the user to click a link or redirecting them to a particular webpage via the browser.


Share It On:

Recent Posts

Citizens Bank 11.11 Deals: Exclusive Discounts on Daraz

Citizens Bank 11.11 Deals: Exclusive Discounts on Daraz

Share It On:5th November 2024, Kathmandu Citizens Bank International Limited signed an agreement with Nepal’s leading online marketplace, Daraz, to

Local Talent Shines in Cybersecurity: Bipu Ojha and Tuan Khuat Win CDU IT CodeFair CTF

Local Talent Shines in Cybersecurity: Bipu Ojha and Tuan Khuat

Share It On:5th November 2024, Kathmandu Bipu Ojha and his teammate Tuan Khuat have emerged as winners in the prestigious

CEDB Hydropower’s Extraordinary General Meeting Concluded: Five Directors Elected

CEDB Hydropower’s Extraordinary General Meeting Concluded: Five Directors Elected

Share It On: 5th November 2024, Kathmandu CEDB Hydropower Development Company Limited has successfully concluded its extraordinary general meeting. CEDB

Government’s Journalist Accident Insurance Program: Apply Now For Your Protection

Government’s Journalist Accident Insurance Program: Apply Now For Your Protection

Share It On: 5th November, Kathmandu The Department of Information and Broadcasting has announced the launch of a new insurance

Nepal Life’s Property Acquisition in Hetauda: A Strategic Move For Growth

Nepal Life’s Property Acquisition in Hetauda: A Strategic Move For

Share It On:5th November, Kathmandu Nepal Life Insurance, a leading life insurance company in Nepal, has recently expanded its footprint

Global IME Dividend Announcement: Key Book Closure Date Revealed

Global IME Dividend Announcement: Key Book Closure Date Revealed

Share It On:5th November 2024, Kathmandu Global IME Bank has good news for its shareholders! The bank has announced a