Google released security updates to address multiple high-severity vulnerabilities in Chrome, the tech giant also announced a pause for upcoming releases of the popular browser.
The version 80.0.3987.149 is available for download for Windows, Mac, and Linux.
Google announced that it paused the upcoming releases of both Chrome and Chrome OS due to the current COVID-19 outbreak.
“Due to adjusted work schedules at this time, we are pausing upcoming Chrome and Chrome OS releases.” reads Google’s release update.
“Our primary objectives are to ensure they continue to be stable, secure, and work reliably for anyone who depends on them. We’ll continue to prioritize any updates related to security, which will be included in Chrome 80.”
Google addresses 13 security vulnerabilities, the most severe one, tracked as CVE-2020-6422, is a use-after-free issue that affects the WebGL. The vulnerability was discovered by David Manouchehri that earned $8,500 as part of the bug bounty program of the company.
Google also addressed two other vulnerabilities, tracked as CVE-2020-6424 and CVE-2020-6425 respectively. The flaws are a use-after-free in the media component and an insufficient policy enforcement issue in extensions, both issues were reported by Sergei Glazunov of Google Project Zero.
Google also fixed four use-after-free issues, tracked as CVE-2020-6427, CVE-2020-6428, CVE-2020-6429, and CVE-2020-6449, in the audio component.
The vulnerabilities were reported by Man Yue Mo of the Semmle Security Research Team.
The IT company also addressed an out-of-bounds read bug in usersctplib, which is tracked as CVE-2019-20503. The vulnerability was reported by Natalie Silvanovich from Google Project Zero.
The updates also address an inappropriate implementation in V8, the issue racked as CVE-2020-6426 was reported by Avihay Cohen of SeraphicAlgorithms.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Google Chrome, cybercrime)
[adrotate banner=”5″]
[adrotate banner=”13″]
A critical vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and…
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement…
Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals…
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over…
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
This website uses cookies.