Google has released patches for two more serious Chrome (opens in new tab) vulnerabilities, making it a busy few weeks for its security team. Although recently discovered exploits have been identified by Google’s own Project Zero (opens in new tab) security team, the two new bugs were noticed by anonymous sources.
The new vulnerabilities are being tracked as CVE-2020-16013 and CVE-2020-16017 but it is not yet known if they are being used together as part of an exploit chain or if they are being deployed individually. However, Google did confirm (opens in new tab) reports “that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild”.
- Check out our complete list of the best antivirus (opens in new tab) software available today
- Here's our list of the best endpoint protection solutions (opens in new tab)
- Also, see our roundup of the best malware removal tools (opens in new tab)
It is not currently clear how much of a risk these two vulnerabilities pose to regular users, but Google certainly thought that they presented enough of a threat to act swiftly. The technology giant was informed of the bugs less than a week ago.
Google has had plenty of practice when it comes to issuing patches in the last few weeks. Since October 20, Google has issued five zero-day patches (including the two most recent ones). As with those earlier bugs, Chrome users simply need to update their web browser to the most recent version in order to remain protected.
For anyone that hasn’t updated Chrome for a little while, however, there probably isn’t a need to panic. Zero-day exploits are usually deployed against selected targets, so the general user needn’t rush too much to get the latest security patches installed.
- Here's our list of the best web hosting services (opens in new tab)
Via ZDNet (opens in new tab)