Chrome was hiding another major zero-day flaw

The term “zero-day” refers to a newly discovered software vulnerability. Because the developer has just learned of the flaw, it also means an official patch or updates to fix the issue hasn’t been released.

Once the vulnerability becomes publicly known, the vendor has to work quickly to fix the issue to protect its users, The attack used a waterhole-style exploit to inject malicious JavaScript code into the Chrome main page. This then uses a profiling script to analyze the victim’s system and user credentials to see if version 65 or later of Chrome is installed.

To find a new Google Chrome zero-day in the wild once again demonstrates that it is the only collaboration between the security community and software developers, as well as constant investment in exploit prevention technologies, that can keep us safe from sudden and hidden strikes by threat actors,” said Anton Ivanov, a security expert at Kaspersky. To keep your computer and data safe, it’s smart to take proactive and reactive security measures

Source: www.techradar.com

Leave a Reply

Your email address will not be published. Required fields are marked *