Security News > 2020 > August > Google Fixes High-Severity Chrome Browser Code Execution Bug
The Google Chrome web browser has a high-severity vulnerability that could be used to execute arbitrary code, researchers say.
The flaw has been fixed in the Chrome 85 stable channel, set to be rolled out to users this week.
The flaw is a use-after-free vulnerability in the WebGL component of Chrome browser.
"An adversary could manipulate the memory layout of the browser in a way that they could gain control of the use-after-free exploit, which could ultimately lead to arbitrary code execution," according to Jon Munshaw with Cisco Talos in a Monday analysis.
Researchers said this vulnerability specifically exists in ANGLE, a compatibility layer between OpenGL and Direct3D used on Windows by Chrome browser and other project.
News URL
https://threatpost.com/google-fixes-high-severity-chrome-browser-code-execution-bug/158600/
Related news
- Google Chrome’s AI feature lets you quickly check website trustworthiness (source)
- Google says new scam protection feature in Chrome uses AI (source)
- Google Chrome uses AI to analyze pages in new scam detection feature (source)
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- Google Chrome is making it easier to share specific parts of long PDFs (source)