Tuesday, October 27, 12:12
Home security Google: Chrome patch released for zero-day vulnerability fix

Google: Chrome patch released for zero-day vulnerability fix

Η Google released the new version yesterday Chrome 86.0.4240.111, with updates security, to fix a zero-day vulnerability which, according to the company, already used by Criminals of cyberspace.

Google Chrome

Zero-day vulnerability has been named by researchers "CVE-2020-15999”And is described as error affecting memory in the FreeType font rendering library, which is available in standard Chrome distributions.

His security researchers Project Zero (Google Internal Security Team) located attacks exploiting the zero-day vulnerability in FreeType.

According to the head of the Project Zero team, Ben Hawkes, there is at least one hacking team that exploits this bug to aim users of Chrome.

Hawkes urges even vendors of other applications, using the same FreeType library, to update their software as well, as attackers may decide to move attacks and target other applications. That's why Google released it yesterday FreeType 2.10.4, to help vendors fix vulnerabilities.

zero-day

With regard to users of Chrome, can download the new version v86.0.4240.111 via the browser's built-in updates (go to the Chrome menu, click "Help" and go to the "About Google Chrome" section).

No details on zero-day have been released at this time vulnerability CVE-2020-15999. Google usually avoids posting technical details for months to give users enough time to update their systems without risking attacks (as long as it passes through the hand of the company).

However, since the patch for zero-day vulnerability is visible to FreeType source code (an open source project), attackers could reverse-engineer and find their own exploits within the next few days-weeks.

According to ZDNet, vulnerability CVE-2020-15999 is the third error this type (zero-day) in Google Chrome, used by hackers The last year. The two previous ones were the CVE-2019-13720 (October 2019) and CVE-2020-6418 (February 2020).

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

Hacker steals $ 24 million from cryptocurrency service Harvest Finance

A hacker has stolen "cryptocurrency assets" worth about 24 million dollars from the decentralized financing service (DeFi) Harvest Finance, a web portal ...

Ransomware attack "hit" election database in Georgia, USA!

A ransomware attack hit Georgia, USA earlier this month, affecting a database used to verify ...

Data breach at the Sheriff's office in Hennepin

The Sheriff's Office in Hennepin County suffered data breaches, which resulted in the leak of information to about 1400 people.

Play Store: 21 Android apps with adware found

Google removed 15 Android apps from the Play Store over the weekend, according to a report from ...

The new KashmirBlack botnet has infected hundreds of thousands of websites

The new KashmirBlack botnet is believed to have infected hundreds of thousands of websites since November 2019.

FBI: Supports US Cyber ​​Camp for IT training and cybersecurity

The USSR and the FBI are working together to support the US Cyber ​​Camp. This...
00:01:52

US: Sanctions on a Russian institute for the development of Triton malware!

The US Treasury Department announced at the end of last week sanctions for a Russian research institute, which is allegedly involved ...

How to customize notifications for specific emails in Outlook

Your inbox may be flooded with junk emails. Sometimes, though, you really need to know when a particular message will arrive ...

Biomedical cyber attack: Hackers send phishing emails

Biomedical cyber attack: Hackers send phishing emails A cyber attack is underway that targets corporate users from many companies in Greece, with emails ...

How to control the brightness of your iPhone lens

It is probably no surprise to any iPhone owner that they can use the LED flash on the back of your iPhone as ...