Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Google addresses high severity bugs in Chrome

Google released security updates to address multiple high-severity vulnerabilities in the popular Chrome browser. Google released security updates to address multiple high-severity vulnerabilities in Chrome, the tech giant also announced a pause for upcoming releases of the popular browser. The version 80.0.3987.149 is available for download for Windows, Mac, and Linux. Google announced that it […]

Google Chrome Gemini Live

Google released security updates to address multiple high-severity vulnerabilities in the popular Chrome browser.

Google released security updates to address multiple high-severity vulnerabilities in Chrome, the tech giant also announced a pause for upcoming releases of the popular browser.

The version 80.0.3987.149 is available for download for Windows, Mac, and Linux.

Google announced that it paused the upcoming releases of both Chrome and Chrome OS due to the current COVID-19 outbreak.

“Due to adjusted work schedules at this time, we are pausing upcoming Chrome and Chrome OS releases.” reads Google’s release update.

“Our primary objectives are to ensure they continue to be stable, secure, and work reliably for anyone who depends on them. We’ll continue to prioritize any updates related to security, which will be included in Chrome 80.”

Google addresses 13 security vulnerabilities, the most severe one, tracked as CVE-2020-6422, is a use-after-free issue that affects the WebGL. The vulnerability was discovered by David Manouchehri that earned $8,500 as part of the bug bounty program of the company.

Google also addressed two other vulnerabilities, tracked as CVE-2020-6424 and CVE-2020-6425 respectively. The flaws are a use-after-free in the media component and an insufficient policy enforcement issue in extensions, both issues were reported by Sergei Glazunov of Google Project Zero.

Google also fixed four use-after-free issues, tracked as CVE-2020-6427, CVE-2020-6428, CVE-2020-6429, and CVE-2020-6449, in the audio component.

The vulnerabilities were reported by Man Yue Mo of the Semmle Security Research Team.

The IT company also addressed an out-of-bounds read bug in usersctplib, which is tracked as CVE-2019-20503. The vulnerability was reported by Natalie Silvanovich from Google Project Zero.

The updates also address an inappropriate implementation in V8, the issue racked as CVE-2020-6426 was reported by Avihay Cohen of SeraphicAlgorithms.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Google Chrome, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]