May 28, 2023

Google has addressed two zero-day vulnerabilities, actively exploited in the wild, addresses in the release of Chrome version 86.0.4240.198.

Tracked as CVE-2020-16013 and CVE-2020-16017, were reported by anonymous sources. Google experts did not disclose the way the flaws have been exploited in the attacks.

The CVE-2020-16013 flaw is an inappropriate implementation in V8 Chrome component.

The CVE-2020-16017 flaw is a use after free memory corruption bug in Site Isolation

It is interesting to note that one of the vulnerabilities was reported to Google the same day the company released the new version of the popular browser.

The other three zero-days patched by Google in the last weeks were:

  • CVE-2020-15999 â€“ The flaw is a memory corruption bug that resides in the FreeType font rendering library, which is included in standard Chrome releases.
  • CVE-2020-16009 â€“ is a Heap buffer overflow in Freetype in Google Chrome.
  • CVE-2020-16010 â€“ affects the browser’s user interface (UI) component in Chrome for Android.

It’s mind boggling to update chrome day after week after months to get protection against Exploit

Tags:

Leave a Reply

Related Post

Chrome Tailgates IE fix 0 Day

Chrome Tailgates IE fix 0 Day

June 10, 2021
Google now let you Untrusted Extension

Google now let you Untrusted Extension

June 6, 2021

You may have missed

TheCyberThrone Security Week In Review–May 27, 2023

TheCyberThrone Security Week In Review–May 27, 2023

May 28, 2023
Zyxel Patches Critical Buffer Overflow Vulnerability

Zyxel Patches Critical Buffer Overflow Vulnerability

May 27, 2023
Apria Data Breach affects 2 million customers

Apria Data Breach affects 2 million customers

May 27, 2023
CosmicEnergy Malware Shutting Electric grid

CosmicEnergy Malware Shutting Electric grid

May 27, 2023
Operation Magalenha from Brazil

Operation Magalenha from Brazil

May 27, 2023
Buhti Ransomware Dissection

Buhti Ransomware Dissection

May 26, 2023
%d bloggers like this: