Wednesday, April 17, 2024

Google Chrome Security Update Wide Range of Attacks – Update Now!

Google released Chrome 85.0.4183.121 for Windows, Mac, and Linux which comes with a fix for 10 security flaws.

Successful exploitation of the vulnerability lets attackers execute arbitrary code in the context of the user.

Out of 10 vulnerabilities, 7 of them are reported by external security researchers and three of them by the Google security team.

CVE-2020-15960: Out of bounds read in storage, which allows an attacker to read from other memory locations or cause a crash.

CVE-2020-15961, CVE-2020-15963, CVE-2020-15966: Insufficient policy enforcement in extensions vulnerability with Google Chrome allows attackers who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.

CVE-2020-15962: Insufficient policy enforcement in serial flaw allows remote attackers to use confuse the user via a crafted domain name.

CVE-2020-15965: Out of bounds write allows attackers to write outside of the boundaries of the buffer.

CVE-2020-15964: Insufficient data validation flaw was found in the media router component of the Chromium browser.

Along with these vulnerabilities, Google fixed other flaws reported by its internal security teams.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

Chrome users are recommended to update with the new version as soon as possible.

How to Update

Steps to update for Windows, Mac, and Linux desktop users

  • Open Chrome browser
  • Head to Settings
  • Expand help
  • About Google Chrome
  • The browser will process the update

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates


Latest articles

Trustifi’s Email Security Awareness Training – Empowering MSPs to Train & Protect Clients

In today's digital landscape, email security has become a critical concern for businesses of...

Personal Data Exposed in Massive Global Hack: Understanding the Implications & Guarding Privacy- Axios Security Group

In a digital age where information is the new currency, the recent global hack...

Ex-Security Engineer Jailed For Hacking Decentralized Cryptocurrency Exchanges

Ahmed exploited a vulnerability in a decentralized cryptocurrency exchange's smart contract by injecting fabricated...

Omni Hotels & Resorts Hack: Attackers have Stolen Customer Information

Omni Hotels & Resorts has revealed that it was the target of a recent...

Connect:fun Attacking Organizations Running Fortinet’s FortiClient EMS

A new exploit campaign has emerged, targeting organizations that utilize Fortinet’s FortiClient EMS.Dubbed...

TA558 Hackers Compromised 320+ Organizations’ FTP & SMTP Servers

TA558, a financially motivated threat actor identified in 2018, is targeting several countries but...

Blackjack Hackers Destroyed 87,000 Sensors Using Lethal ICS Malware

A group of cybercriminals known as "Blackjack" has launched a devastating attack on industrial...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles