Potential high risk vulnerability was found in the Chrome browser which has the capacity to enable remote attackers to execute code and carry out nefarious activities; it was recently found by Google which later asked its users to update it.
“The stable channel has been updated to 76.0.3809.132 for Windows, Mac, and Linux, which will roll out over the coming days/weeks,” stated Srinivas Sista of Google Chrome.
The vulnerability (CVE-2019-5869) exists in Blink, an open source browser engine that runs the Google Chrome browser. These Browser engines are a major part of every browser and their primary role is to transform HTML documents into visual representations on user’s devices. Blink (first came into existence in 2013 and was developed as a part of the premium project).
According to the researchers this vulnerability in the blink could bypass security restrictions, execute arbitrary code on the system or cause denial-of-service (Dos).The advisories have labeled it as a use-after-free-flaw bug and its attempts to access the memoryis triggered, right after the memory has been freed. This could result in the crash of a program.
“Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights,” said a Center for Internet Security advisory.
The recent update has fixed a total of three security issues but the details of the other two are not revealed by the company.
IoT applications get new powering system
Singaporean Jungle Ventures raises $600M for new fund
In South Korea, high-speed 5G mobile revolution paves the way for evolution
High coal prices put Vietnam’s power supply under strain
Anaam Tiwary is breaking new ground in digital space
© 2022 CIO Bulletin. All rights reserved.