March 23, 2023

Google releases patches for Chrome that resolve eight vulnerabilities, including five reported by external researchers.

All five security defects are use-after-free flaws, a type of memory safety bug. Four of these issues are high-severity bugs, impacting components such as Blink Media, Mojo IPC, Blink Frames, and Aura.

The vulnerabilities have been tracked as CVE-2022-4436 to CVE-2022-4439 and a medium severity vulnerability tracked as CVE-2022-4440.

The latest update currently rolling out to Mac and Linux users as version 108.0.5359.124, and to Windows users as version 108.0.5359.124/.125.

Google makes no mention of any of these vulnerabilities being exploited in malicious attacks.

Use-after-free issues exist because, after freeing a memory location, an application might not clear the pointer to that location. An attacker in a position to exploit a use-after-free vulnerability may be able to crash the application, corrupt data, or execute arbitrary code on the machine.

Tags:

Leave a Reply

You may have missed

Microsoft Snipping Tool Vulnerability

Microsoft Snipping Tool Vulnerability

March 23, 2023
Google Cloud Armor Advanced DDoS Protection

Google Cloud Armor Advanced DDoS Protection

March 22, 2023
BreachForums Curtains Down

BreachForums Curtains Down

March 22, 2023
Google blocks Pinduoduo App amid Security Concerns

Google blocks Pinduoduo App amid Security Concerns

March 22, 2023
Mandiant Report – Nation State Zero Day Exploits in 2022

Mandiant Report – Nation State Zero Day Exploits in 2022

March 22, 2023
Mispadu Banking Trojan

Mispadu Banking Trojan

March 22, 2023
%d bloggers like this: