- Google fixed a high-severity zero-day flaw in Chrome and two medium-severity flaws
- Vulnerability likely linked to a LibANGLE buffer overflow allowing memory corruption and remote code execution
- This is Chrome’s eighth zero-day patch this year, highlighting ongoing targeted browser attacks.
Google recently updated its Chrome browser to protect against a high-severity vulnerability that was being misused as a Zero Day.
In a security advisory published earlier this week, the browser giant said it had fixed three bugs for Chrome, including two of medium severity and one of high severity.
For the latter, Google said it was “aware that an exploit exists in the wild”. Other details have not been disclosed, in order to protect users while the patch is deployed. This is a common practice at Google: hiding key information from users, but also from cybercriminals and other hackers.
Browser crash
The exact dates the patch is expected to roll out are unknown, Google confirmed it will arrive to most users “over the next few days/weeks.” The stable channel was updated to 143.0.7499.109/.110 for Windows/Mac and 143.0.7499.109 for Linux, and when we checked, the update was already installed.
There is no official confirmation of where the bug originated, but according to the Chromium bug ID, it was found in Google’s open source LibANGLE library, BleepingComputer reports. LibANGLE is a translation layer that converts OpenGL ES calls to other graphics APIs, usually Direct3D on Windows. It allows browsers and applications to run WebGL and OpenGL ES content even if the operating system does not natively support these APIs.
The same source claims that the bug is most likely a buffer overflow vulnerability in ANGLE’s Metal renderer, caused by incorrect buffer sizing. Crooks could have used the bug to corrupt memory, crash the browser, leak sensitive data, or even execute arbitrary code remotely.
This is the eighth zero-day vulnerability patched by Google in its Chrome browser. Last year, the company fixed ten of these vulnerabilities.
Browsers are one of the most used software on a computer and as such are always the target of different hacking campaigns.
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
