CYBERSECURITY: Google web browser, Chrome presents actively exploited zero-day vulnerability
The Mountain View firm has just released a new update for Chrome . This does not bring new functionality, but many important security fixes. There is indeed question that Chrome 86 is the victim of a “zero-day” security breach actively exploited by hackers. It is therefore strongly recommended to install the update quickly.
The flaw in question is described as a memory corruption issue in the FreeType font library found in standard versions of Chrome. Google’s Project Zero cybersecurity researchers discovered that this vulnerability was the subject of numerous hacker attacks. By exploiting this flaw, hackers can attack Chrome users directly.
Google does not go into details
Google does not specify exactly the nature of the flaw or the attacks. By doing so, the Mountain View firm gives its users time to install the corrective update for Chrome while avoiding chewing up the work of hackers who could try to exploit the vulnerability in the meantime. Especially since the FreeType is an open-source project, so the corrective patch is visible in its source code which could put hackers on the way, as ZDNet points out. It is therefore urgent to update your web browser.
The vulnerability doesn’t just affect Google’s web browser, which is why Project Zero team leader Ben Hawkes is urging app vendors that use the same FreeType library to close this security flaw.
As for Chrome, Google has just released a new version of its Internet browser. Users are advised to quickly download Chrome version 86.0.4240.111. For that, go to Chrome. Click on the three small dots at the top right, then Help, About Google Chrome and relaunch browser if it offers you an update.