17.6 C
New York
Saturday, May 8, 2021
No menu items!
Home Gadgets Google Chrome for Android Gets a Zero-Day Vulnerability Fix

Google Chrome for Android Gets a Zero-Day Vulnerability Fix


Google has released a new Chrome for Android update to fix a zero-day flaw that is currently exploited in the wild. The new update arrives just days after Google fixed two zero-day vulnerabilities in the desktop version of its Chrome browser. Details related to the attack are not yet public as a majority of Chrome for Android users are yet to install the update. Alongside the security fixes that include those rolled out initially for desktop users, the latest Chrome update also includes stability and performance improvements.

The latest Chrome for Android update carries version number 86.0.4240.185 that includes fixes for a heap buffer overflow vulnerability, listed as CVE-2020-16010. The issue exists in the user interface (UI) component of the Web browser.

Google is aware of reports that an exploit for CVE-2020-16010 exists in the wild,” the company said in a blog post.

Google’s Project Zero team reported the highly severe vulnerability on October 31. Further, the Threat Analysis Group (TAG) at Google, responsible for tracking threat actors, has been credited for discovering the zero-day attacks related to Chrome for Android.

Details of the bug and its exploit are not yet revealed as the update is currently in its rollout process. However, Google said that the new version would become available for download through Google Play over the next few weeks.

Earlier this week, Google rolled out a security update for its Chrome browser on desktops that patched a zero-day vulnerability, tracked as CVE-2020-16009, that existed in JavaScript engine V8.

Prior to the last update, Google patched another zero-day issue affecting its Chrome desktop version last month. That vulnerability, identified as CVE-2020-15999, impacted the FreeType font rendering library of the browser.

It is unclear whether the three zero-day bugs discovered in the last one month are exploited by a single threat actor or multiple groups. Having said that, users on both Android and desktop versions of the Chrome browser are recommended to install the latest updates as soon as they are available.


Is Android One holding back Nokia smartphones in India? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

WhatsApp Celebrates Mother’s Day With Mama Love Sticker Pack

WhatsApp has introduced a new Mama Love sticker pack for Mother's Day. The Facebook-owned instant messaging service shared the development on Twitter...

US FTC Examines Repair Restrictions and Impact on Consumer, Small Businesses

US Federal Trade Commission (FTC) has submitted a report examining consumer protection and antitrust issues relating to repair restrictions that manufacturers impose,...

This Tiny Dinosaur Hunted At Night And Could Hear Better Than An Owl

A new study has revealed that a tiny, carnivorous dinosaur, which had an exceptional low-light vision and whose hearing ability was as...

Redmi Note 10S Amazon Landing Page Goes Live With Some Specifications

Redmi Note 10S will launch in India on May 13 and a landing page for the phone is now live on Amazon. Xiaomi...

Recent Comments