Google Squashes A Pair Of Chrome Zero-Day Security Exploits, But You Need To Update ASAP
Google has released a new version of Google Chrome today after tackling two more high-profile, zero-day exploits. Over the last several weeks, Google has found multiple attack vectors and has been squashing them at a rapid pace, so this is just a couple more on the pile. Users are advised to upgrade Chrome ASAP, as the risk for these exploits is ranked “High” by Google.
The other vulnerability, designated CVE-2020-16017, is explained as a “Use after free in site isolation” vulnerability. This means that when memory is freed, something may try to use it, which could “can cause a program to crash, use unexpected values, or execute code,” according to MITRE, one of the leading not-for-profit government research centers dealing with cybersecurity.
At present, Google is not reporting the specifics of these exploits due to the widespread nature of the vulnerabilities. Even though we do not have an exact idea of how dangerous the vulnerabilities are, users need to patch Chrome right away as Google reports that “CVE-2020-16013 and CVE-2020-16017 exist in the wild.”