Exodus Intelligence researcher István Kurucsai has reported another case of patch gapping in Google Chrome.
A ‘patch gap’ can be best explained as a time slot between the fix of security vulnerability and its availability to the users. This time slot can be of advantage to hackers as they closely monitor the security patches and unleash an attack before the patch is made public.
One of the main issues with patch gaps is that sometimes these critical fixes take months and in the meantime cause panic in the cybersecurity world.
More about Chrome’s patch gap
Patch gaps are a recurring process and most of them aren’t potentially dangerous, but the current patch gap in chrome has several vulnerabilities those open doors for hackers. It was found that the V8 bug, whose fix caused a patch gap, is a potential threat.
Although the patch for this bug was made available in August, it was only scheduled to release with Chrome 77 in September. This means that the hackers had enough time to develop an exploit and utilize the patch gap.
What a user can do
MediaTek launches a yet another mid-ranger, the Helio P95
Google Chrome about to block insecure content in HTTPS pages
Chrome has Google Duplex That Now Lets You Buy Movie Tickets
Chrome OS 77 Is Out With a Number of Features
Apple Invests Another $250 Million In Corning
© 2020 CIO Bulletin. All rights reserved.