Two more zero-days plugged in Google Chrome

Posted on Thursday, November 12 2020 @ 14:08 CET by Thomas De Maesschalck
GOOG logo
ZD Net reports Google plugged two more zero-day vulnerabilities in its Chrome browser. Lately, Chrome has been hit by a lot of zero-day bugs. This marks the fourth and fifth zero-days that Google has patched over the past three weeks. To be secure, you need Chrome version 86.0.4240.198.
The difference this time is that while the first three zero-days were discovered internally by Google security researchers, these two new zero-days came to Google's attention after tips from anonymous sources.

Details about the attacks where the Chrome two zero-days have been used have not been made public, at the time of writing.
The first bug affects the JavaScript engine while the other one affected Site Isolation:
CVE-2020-16017 - Described as a "use after free" memory corruption bug in Site Isolation, the Chrome component that isolates each site's data from one another.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments