Google Chrome secure channel customers are receiving an replace that rings alongside a number of safety fixes. Replace v86.0.4240.111 features a repair for zero-day vulnerability CVE-2020-15999 found by a member in Google’s Challenge Zero workforce. This new zero-day vulnerability is reported to be a reminiscence bug within the FreeType font rendering library. This was noticed being abused by a risk actor. Chrome customers are beneficial to put in this newest replace by going into the Assist part.
The tech big has confirmed by way of a weblog submit that it has up to date the Chrome secure channel to 86.0.4240.111 for Home windows, Mac, and Linux customers. This replace will roll out for all customers within the coming week. Chrome customers can replace to the newest model by way of the built-in replace perform contained in the browser itself. Hit the three dots on the highest proper nook of the browser window and choose Assist > About Google Chrome. Right here it would present you of any pending replace, and after set up, it would ask you to relaunch the browser to complete the updating course of.
CVE-2020-15999 zero-day vulnerability in FreeType was found and reported by safety researcher Sergei Glazunov of Google Challenge Zero. The tech big says that’s conscious of stories that an exploit for CVE-2020-15999 exists within the wild towards Chrome customers. It’s described as a reminiscence corruption bug and FreeType textual content rendering library has additionally released model 2.10.4 replace as an vital safety launch. The website states, “That is an emergency launch, fixing a extreme vulnerability in embedded PNG bitmap dealing with.”
Challenge Zero workforce lead Ben Hawkes tweeted that different app distributors of Freetype also needs to undertake the repair a s risk actors might resolve to shift their goal from Chrome to different apps that use FreeType.
Is Android One holding again Nokia smartphones in India? We mentioned this on Orbital, our weekly expertise podcast, which you’ll be able to subscribe to by way of Apple Podcasts, Google Podcasts, or RSS, download the episode, or simply hit the play button beneath.