High-Severity Chrome Bugs Allow Hackers to Compromise the Browser – Update Now!!

Google released a new Chrome 87.0.4280.88 update for Windows, Mac and Linux with the fixes of high severity vulnerabilities that allow attackers to take over the Brower.

However, the experts affirmed that an attacker could utilize vulnerabilities to take charge of an affected system.. Moreover, the security researchers have also mentioned that how a user can manually update their Chrome browser. So, to manually update a Chrome browser, users have to follow the steps that we have mentioned:-

  • The users have to click on the three dots menu that is present on the upper-right hand side of the window. 
  • After the above step now, the user has to select the “Help”  option from the menu list.
  • Then users have to select the “About Google Chrome” option.
  • Once the user opens that menu item, it will automatically trigger Chrome to watch for any updates.

Security Fixes

According to the Google report, this new update has fixed eight security flaws, and here we have mentioned below the fixes that have been provided by the external researchers:-

  1. CVE-2020-16037 (High): Use after free in the clipboard, and it’s reported by Ryoya Tsukasaki on 2020-10-26.
  2. CVE-2020-16038 (High): Use after free in communications, and it’s reported by Khalil Zhani on 2020-10-14.
  3. CVE-2020-16039 (High): Use after free in extensions, and it’s reported by Anonymous on 2020-11-15.
  4. CVE-2020-16040 (High): Inadequate data validation in V8, and it’s reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-11-19.
  5. CVE-2020-16041 (Medium): Out of bounds read in networking, and it’s reported by Sergei Glazunov and Mark Brand of Google Project Zero on 2020-11-23.
  6. CVE-2020-16042 (Medium): Uninitialized Use in V8, and it’s reported by André Bargull on 2020-11-23.

Tools Used to Detect Bugs

There are many security bugs that have been detected using these tools that we have mentioned below:- 

Since Google Chrome is one of the most popular web browsers, that’s why it needs proper updates from time to time. And being one of the popular browsers, the threat actors always target Chrome with several vulnerabilities.

Apart from this, the security experts asserted that these security flaws are actually a high severity strike vector that can undoubtedly be exploited by threat actors to launch prerogative-escalation attacks in the Linux kernel of Chrome.

Moreover, Google thanked all the security researchers who have worked with them to prevent all the security bugs. And they are still trying their best to keep Google free from all kinds of security bugs and flaws.

You can follow us on LinkedinTwitterFacebook for daily Cyber security and hacking news updates.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.