CyberNews Briefs

Google Fixes High-Severity Chrome Browser Code Execution Bug

Google Chrome users will receive a patch later this week that fixes a severe vulnerability that can be manipulated by attackers to execute arbitrary code. The flaw lied in the Chrome 85 stable channel, however, has since been fixed by the company. The flaw is a bug in the WebGL (Graphics Library) components of the Chrome browser that allows users to render 2D and 3D graphics within the browser, utilizing Javascript API.

The flaw in question stems from the WebGL component’s inability to properly handle objects stored in memory within the rendering function. According to researchers, a cyberattacker could use the vulnerability to manipulate the memory layout of the browser, allowing them to access the use-after-free exploit. This could eventually lead to arbitrary code execution. Google has urged its customers to implement the update as soon as possible, as it ranks 8.3 out of 10 on the CVSS scale.

Read More: Google Fixes High-Severity Chrome Browser Code Execution Bug

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.