In its latest set of updates, Google released two patches for Chrome zero-day vulnerabilities being exploited in the wild. Over the past three weeks, Google has patched a total of five zero-day flaws in Chrome. The bugs affect Chrome version 86.0.4240.198, and it is recommended that the updates be implemented immediately to avoid cyberattacks leveraging the flaws. The two most recently patched zero-days came to Google’s attention via tips from anonymous sources.
Although details of the attacks in which the anonymous tippers observed the zero-days being exploited, one is described as regarding inappropriate implementation in V8, the Chrome component that handles JavaScript code. The other is a memory corruption bug. Google has not released information on whether the bugs are used together as an exploit chain or individually, however, one was reported Monday and the other was reported yesterday.
Read More: Google patches two more Chrome zero-days