Zero-day vulnerability found in Google Chrome web browser

These Google Chrome Zero-Day vulnerabilities are what’s called “use-after-free vulnerabilities,” which are a type of memory flaw that can be leveraged by hackers to execute malicious code. One affects Chrome’s audio component (CVE-2019-13720) while the other affects the PDF (CVE-2019-13721) library. These vulnerabilities can enable an attacker to escalate privileges on an affected system.

The finding of a new Google Chrome zero-day in the wild once again demonstrates that it is the only collaboration between the security community and software developers, as well as constant investment in exploit prevention technologies, that can keep us safe from sudden and hidden strikes by threat actors, “Anton Ivanov, Security Expert at Kaspersky, said in a statement.

the main page inserted in a malicious javascript code, which in turn, loads a profiling script from a remote site to further check if the victim’s system could be infected by examining versions of the browser’s user credentials. The vulnerability tries to exploit the bug through the Google Chrome browser and the script checks if version 65 or later is being used. 

Source: www.thenewsminute.com

Leave a Reply

Your email address will not be published. Required fields are marked *