Update Google Chrome now to fix this major security bug

Zero-day attack
(Image credit: Shutterstock.com)

Google has patched several new security bugs with its new update, including a zero-day vulnerability that is currently being exploited by attackers. Chrome users are advised to ensure their web browser is fully updated to ensure it is protected.

The new vulnerability, tracked as CVE-2020-16009, was discovered by Google’s Threat Analysis Group, which has been pretty busy of late. On Twitter, Shane Huntley, director of the group, praised his team’s work in tackling multiple zero-day threats over the last few weeks. He also confirmed that the most recently patched threat was seen in targeted exploitation and not connected "to any US election-related targeting.”

Other details surrounding the vulnerability have not been disclosed as this may provide attackers with the information they need to develop their own exploits. “Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” a Chrome release update read. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

Yet another threat

With the coronavirus pandemic continuing to disrupt countries across the globe and the US gearing up for a presidential election, there are plenty of opportunities for cyberattackers to exploit. Misinformation around both the pandemic and the election has been put to use in a variety of phishing campaigns already.

Last month, Google had to patch another zero-day threat, while also exposing a further bug that affected Windows machines. There is no word yet on whether these zero-day threats have been exploited by the same threat actors.

Chrome’s CVE-2020-16009 vulnerability was reportedly found lurking within the browser component that manages JavaScript code. However, if users update Chrome to version 86.0.4240.183 or later they should be protected.

Via ZDNet

TOPICS
Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things. 

Latest in Security
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Representational image depecting cybersecurity protection
Cisco smart licensing system sees critical security flaws exploited
Latest in News
Ray-Ban Meta Smart Glasses
Samsung's rumored smart specs may be launching before the end of 2025
Apple iPhone 16 Review
The latest iPhone 18 leak hints at a major chipset upgrade for all four models
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 24 (game #1155)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 24 (game #386)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 24 (game #652)
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 23 (game #1154)