Google has patched several new security bugs with its new update, including a zero-day vulnerability that is currently being exploited by attackers. Chrome users are advised to ensure their web browser is fully updated to ensure it is protected.
The new vulnerability, tracked as CVE-2020-16009, was discovered by Google’s Threat Analysis Group, which has been pretty busy of late. On Twitter, Shane Huntley, director of the group, praised his team’s work in tackling multiple zero-day threats over the last few weeks. He also confirmed that the most recently patched threat was seen in targeted exploitation and not connected "to any US election-related targeting.”
Other details surrounding the vulnerability have not been disclosed as this may provide attackers with the information they need to develop their own exploits. “Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” a Chrome release update read. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”
- The best endpoint protection software on the market
- The best VPN service for your business
- Our list of the best SSL certificate services
Yet another threat
With the coronavirus pandemic continuing to disrupt countries across the globe and the US gearing up for a presidential election, there are plenty of opportunities for cyberattackers to exploit. Misinformation around both the pandemic and the election has been put to use in a variety of phishing campaigns already.
Last month, Google had to patch another zero-day threat, while also exposing a further bug that affected Windows machines. There is no word yet on whether these zero-day threats have been exploited by the same threat actors.
Chrome’s CVE-2020-16009 vulnerability was reportedly found lurking within the browser component that manages JavaScript code. However, if users update Chrome to version 86.0.4240.183 or later they should be protected.
- Here's our roundup of the best antivirus software available today
Via ZDNet