Google Patches Actively Exploited Chrome Vulnerability

Google Chrome Update Patches Actively Exploited Zero-Day
Share It On:

October 1st, 2019, Kathmandu

Google, Inc. has rolled out a software update for its famous and most widely used Chrome web browser. The company appealed to all Windows, Mac and Linux users to upgrade to the latest version that is available from their website. Google released the updated chrome version as a preventive measure against hackers who look to exploit the vulnerable features of the web browser.

Chrome 77.0.3865.90 version is updated with security patches for three high-risk and one critical vulnerability. The worst-case scenario presented by the company claims that remote hackers could access the affected system via these risk factors. The company decided to keep track of the four dangerous secrets and allow more time for users to update their applications.

The chrome security team has said that all the risk factors are use-after-free issues in various parts of the web browser, and the critical case might lead to unauthorized access to a remote device with attacking mentality.

The vulnerabilities that were patched by Chrome 77.0.3865.90 are:

  • Use-after-free in UI (CVE-2019-13685) — Reported by Khalil Zhani
  • Use-after-free in offline pages (CVE-2019-13686) — Reported by Brendon Tiszka
  • Use-after-free in media (CVE-2019-13688) and Use-after-free in media (CVE-2019-13687)— Reported by Man Yue Mo of Semmle Security Research Team

The company has handed out $40,000 as rewards to Man Yue Mo of Semmle for the two vulnerabilities they reported.

With remote access codes, these risk factors would allow an attacker to execute specific laws in the browser itself by just getting the user to click a link or redirecting them to a particular webpage via the browser.


Share It On:

Recent Posts

Kumari Bank Promoter Share Sale: Eligibility, Application Process, and Price

Kumari Bank Promoter Share Sale: Eligibility, Application Process, and Price

Share It On:21st November, Kathmandu Kumari Bank Limited has officially declared its intention to sell a substantial number of promoter

Up to NPR 150 Cashback on Nepal Telecom and Ncell Services with Namaste Pay

Up to NPR 150 Cashback on Nepal Telecom and Ncell

Share It On:21st November, Kathmandu Namaste Pay has unveiled an exciting new campaign to reward its users with cashback on

Ncell introduces innovative feature, enabling customers to convert voice to data or data to voice services

Ncell introduces innovative feature, enabling customers to convert voice to

Share It On:21st November, Kathmandu Ncell customers can enjoy an innovative feature that allows them to convert or exchange remaining

Genese Solution’s G-TEC: Empowering Women in Tech and Creating a Diverse Tech Workforce in Nepal

Genese Solution’s G-TEC: Empowering Women in Tech and Creating a

Share It On:21st November 2024, Kathmandu Genese Solution – a value IT consulting company, and Kageshwori Manohara municipality, have joined

Shikhar Insurance: Celebrating 20 Years of Service and Commitment to Nepali Customers

Shikhar Insurance: Celebrating 20 Years of Service and Commitment to

Share It On:21st November 2024, Kathmandu Shikhar Insurance had a grand celebration for their 20th Anniversary. On the occasion of

India’s Generative AI Startups: A Comprehensive Look at 2024’s Key Trends and Investments

India’s Generative AI Startups: A Comprehensive Look at 2024’s Key

Share It On:21st November 2024, Kathmandu As 2024 draws to a close, India’s generative AI ecosystem stands out as a