Google Patches Chrome Zero Day Under Attack
Google has announced that a new update to the Chrome browser fixed four vulnerabilities. The new version of Chrome will be rolled out to Windows users over the next several days to mitigate the flaws, particularly one zero-day that is being exploited by attackers. The high severity flaw is a heap buffer overflow bug that lies in WebRTC. The vulnerability was first reported to Google by a security researcher at Avast just one week ago. Google was sure to thank the researchers that worked alongside its own teams to prevent security bugs from reaching the stable channel.
There is currently no additional information regarding how the zero-day bug is exploited and who is currently leveraging it to commit cybersecurity attacks. Google has released some details regarding two other high severity vulnerabilities that were also detected by external researchers, stating that one is a type confusion flaw and the other is a use-after-free flaw in the Chrome OS Shell. All of the bugs have been fixed in the latest update and users should ensure that the patches are implemented as soon as possible to mitigate the threat of attackers exploiting the vulnerabilities.
Read More: Google Patches Chrome Zero Day Under Attack