Two security vulnerabilities in Chrome have been discovered and one of them is being used excessively to exploit users. Following this, Google released an update to overcome the loopholes of security.
These vulnerabilities are CVE-2019-13720 and CVE-2019-13721 and are categorized as “use-after-free” vulnerabilities. It means the data in memory is corrupted by hacker remotely and then the arbitrary code is executed, allowing hijacking PC.
One of the two vulnerabilities affects the audio component of Chrome, whereas the other is for PDFium library that is used by Chrome to create and render PDF documents. Kaspersky researchers, Anton Ivanov and Alexey Kulaev, first identified the audio component being exploited. Therefore users are urged to update Google Chrome.
The security vulnerabilities in version 78.0.3904.87 are fixed in the latest version of Chrome that was released yesterday and is available for Windows, Mac and Linux. Though Chrome will be updated automatically but in case it does not, users can manually update it by going to Help and then selecting About Google Chrome in the menu (or simply paste this in address bar chrome://settings/help).
After the Chrome is updated, vulnerabilities will be removed and users can use browser without any threat. Chrome faced a similar zero-day exploit in March this year.
More than a billion people use Chrome, therefore, it is important to ensure their security and overcome the security holes as soon as possible. Also, online software must be updated automatically to further make their usage reliable.
Read next: Google clears out the Confusion on Chrome’s Encrypted DNS-Push
These vulnerabilities are CVE-2019-13720 and CVE-2019-13721 and are categorized as “use-after-free” vulnerabilities. It means the data in memory is corrupted by hacker remotely and then the arbitrary code is executed, allowing hijacking PC.
One of the two vulnerabilities affects the audio component of Chrome, whereas the other is for PDFium library that is used by Chrome to create and render PDF documents. Kaspersky researchers, Anton Ivanov and Alexey Kulaev, first identified the audio component being exploited. Therefore users are urged to update Google Chrome.
The security vulnerabilities in version 78.0.3904.87 are fixed in the latest version of Chrome that was released yesterday and is available for Windows, Mac and Linux. Though Chrome will be updated automatically but in case it does not, users can manually update it by going to Help and then selecting About Google Chrome in the menu (or simply paste this in address bar chrome://settings/help).
After the Chrome is updated, vulnerabilities will be removed and users can use browser without any threat. Chrome faced a similar zero-day exploit in March this year.
More than a billion people use Chrome, therefore, it is important to ensure their security and overcome the security holes as soon as possible. Also, online software must be updated automatically to further make their usage reliable.
Read next: Google clears out the Confusion on Chrome’s Encrypted DNS-Push
