Google Chrome for Android Gets a Zero-Day Vulnerability Fix

Encrypting your link and protect the link from viruses, malware, thief, etc! Made your link safe to visit. Just Wait...

Google has launched a brand new Chrome for Android replace to repair a zero-day flaw that’s at the moment exploited within the wild. The brand new replace arrives simply days after Google mounted two zero-day vulnerabilities within the desktop model of its Chrome browser. Particulars associated to the assault are usually not but public as a majority of Chrome for Android customers are but to put in the replace. Alongside the safety fixes that embrace these rolled out initially for desktop customers, the newest Chrome replace additionally consists of stability and efficiency enhancements.

The newest Chrome for Android replace carries model quantity 86.0.4240.185 that features fixes for a heap buffer overflow vulnerability, listed as CVE-2020-16010. The problem exists within the person interface (UI) element of the Internet browser.

“Google is conscious of reviews that an exploit for CVE-2020-16010 exists within the wild,” the corporate said in a weblog put up.

Google’s Undertaking Zero staff reported the extremely extreme vulnerability on October 31. Additional, the Risk Evaluation Group (TAG) at Google, liable for monitoring menace actors, has been credited for locating the zero-day assaults associated to Chrome for Android.

Particulars of the bug and its exploit are usually not but revealed because the replace is at the moment in its rollout course of. Nonetheless, Google stated that the brand new model would turn out to be out there for obtain by means of Google Play over the following few weeks.

Earlier this week, Google rolled out a safety replace for its Chrome browser on desktops that patched a zero-day vulnerability, tracked as CVE-2020-16009, that existed in JavaScript engine V8.

Previous to the final replace, Google patched one other zero-day situation affecting its Chrome desktop model final month. That vulnerability, recognized as CVE-2020-15999, impacted the FreeType font rendering library of the browser.

It’s unclear whether or not the three zero-day bugs found within the final one month are exploited by a single menace actor or a number of teams. Having stated that, customers on each Android and desktop variations of the Chrome browser are really useful to put in the newest updates as quickly as they’re out there.

Is Android One holding again Nokia smartphones in India? We mentioned this on Orbital, our weekly know-how podcast, which you’ll subscribe to by way of Apple Podcasts, Google Podcasts, or RSS, download the episode, or simply hit the play button beneath.

from Techoview
via Techoview