Google released security updates to address multiple high-severity vulnerabilities in Chrome, the tech giant also announced a pause for upcoming releases of the popular browser.
The version 80.0.3987.149 is available for download for Windows, Mac, and Linux.
Google announced that it paused the upcoming releases of both Chrome and Chrome OS due to the current COVID-19 outbreak.
“Due to adjusted work schedules at this time, we are pausing upcoming Chrome and Chrome OS releases.” reads Google’s release update.
“Our primary objectives are to ensure they continue to be stable, secure, and work reliably for anyone who depends on them. We’ll continue to prioritize any updates related to security, which will be included in Chrome 80.”
Google addresses 13 security vulnerabilities, the most severe one, tracked as CVE-2020-6422, is a use-after-free issue that affects the WebGL. The vulnerability was discovered by David Manouchehri that earned $8,500 as part of the bug bounty program of the company.
Google also addressed two other vulnerabilities, tracked as CVE-2020-6424 and CVE-2020-6425 respectively. The flaws are a use-after-free in the media component and an insufficient policy enforcement issue in extensions, both issues were reported by Sergei Glazunov of Google Project Zero.
Google also fixed four use-after-free issues, tracked as CVE-2020-6427, CVE-2020-6428, CVE-2020-6429, and CVE-2020-6449, in the audio component.
The vulnerabilities were reported by Man Yue Mo of the Semmle Security Research Team.
The IT company also addressed an out-of-bounds read bug in usersctplib, which is tracked as CVE-2019-20503. The vulnerability was reported by Natalie Silvanovich from Google Project Zero.
The updates also address an inappropriate implementation in V8, the issue racked as CVE-2020-6426 was reported by Avihay Cohen of SeraphicAlgorithms.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Google Chrome, cybercrime)
[adrotate banner=”5″]
[adrotate banner=”13″]
A flaw in O2 4G Calling (VoLTE) leaked user location data via network responses due…
China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia.…
The UK’s Legal Aid Agency suffered a cyberattack in April and has now confirmed that…
Cybersecurity Observatory of the Unipegaso's malware lab published a detailed analysis of the Sarcoma ransomware.…
Mozilla addressed two critical Firefox vulnerabilities that could be potentially exploited to access sensitive data…
Japan passed a law allowing preemptive offensive cyber actions, shifting from its pacifist stance to…
This website uses cookies.
