Recommended reading

Update Google Chrome now to fix this major security bug

News
By published

Another Google Chrome zero-day exploit has been discovered

Zero-day attack
(Image credit: Shutterstock.com)

Google has patched several new security bugs with its new update, including a zero-day vulnerability that is currently being exploited by attackers. Chrome users are advised to ensure their web browser is fully updated to ensure it is protected.

The new vulnerability, tracked as CVE-2020-16009, was discovered by Google’s Threat Analysis Group, which has been pretty busy of late. On Twitter, Shane Huntley, director of the group, praised his team’s work in tackling multiple zero-day threats over the last few weeks. He also confirmed that the most recently patched threat was seen in targeted exploitation and not connected "to any US election-related targeting.”

Other details surrounding the vulnerability have not been disclosed as this may provide attackers with the information they need to develop their own exploits. “Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” a Chrome release update read. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

Yet another threat

With the coronavirus pandemic continuing to disrupt countries across the globe and the US gearing up for a presidential election, there are plenty of opportunities for cyberattackers to exploit. Misinformation around both the pandemic and the election has been put to use in a variety of phishing campaigns already.

Last month, Google had to patch another zero-day threat, while also exposing a further bug that affected Windows machines. There is no word yet on whether these zero-day threats have been exploited by the same threat actors.

Chrome’s CVE-2020-16009 vulnerability was reportedly found lurking within the browser component that manages JavaScript code. However, if users update Chrome to version 86.0.4240.183 or later they should be protected.

Via ZDNet

TOPICS
Barclay Ballard
Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.