Currently, Google Chrome version 86.0.4240.183 is available to download. It fixes 10 security holes, of which one zero-day is being exploited.
|In just 2 weeks, Google discovered two zero-day vulnerabilities in the Chrome browser. Photo: Malwarebytes|
Google has just released the latest security update for Chrome browser, patching 10 vulnerabilities, including a zero-day vulnerability that is still being exploited in the real world. Identified as CVE-2020-16009, this zero-day vulnerability was discovered by Google’s TAG risk analysis team. This is the security team responsible for keeping an eye on the bad actors and their ongoing activity.
In strict accordance with Google tradition, details are about security hole and the exploit team is not made public. It gives Chrome users more time to install updates and prevents other malicious actors from developing their own attacks based on the same zero-day vulnerability. Chrome users are advised to upgrade their browser immediately.
According to ZDN, this is the second Chrome zero-day vulnerability that Google has discovered that has been exploited in the past two weeks. On October 20, Google also released a security update for Chrome, patching the zero-day vulnerability CVE-2020-15999 located in the font rendering library. It can be associated with the zero-day vulnerability on Windows CVE-2020-17087.
The Chrome zero-day vulnerability allows malicious code to be executed inside the browser, while the Windows vulnerability is used to gain authority and attack the operating system. Microsoft plans to patch this vulnerability on November 10.
Google Chrome is the world’s leading web browser in terms of market share. According to statistics in May, Chrome accounts for 69% of the global browser market share. In Vietnam, the number of Google browser users is also overwhelming. Therefore, Vietnamese Internet users should also update this software to avoid the risk of exploitation by hackers.
Nearly 4,200 cyber attacks on Vietnam are supported to handle in 10 months
In the first 10 months of 2020, the National Cyber Security Surveillance Center recorded, warned and instructed how to handle 4,161 network attacks on information systems in Vietnam.