Google Working on Improving Memory Safety in Chrome
Over 70% of the severe bugs identified last year in Chrome were memory safety issues, namely “mistakes with pointers in the C or C++ languages,” and Google decided to tackle the problem before it becomes even more serious. Of the potential solutions, the Internet search giant decided to focus on two, namely introducing runtime checks…
Google Offers UK Watchdog Role in Browser Cookie Phase-Out
The U.K. competition watchdog has been investigating Google’s proposals to remove so-called third-party cookies over concerns they would undermine digital ad competition and entrench the company’s market power. To address the concerns, Google on Friday offered a set of commitments including giving the Competition and Markets Authority an oversight role as the company designs and…
Google Patches Chrome Zero-Day Used by Commercial Exploit Company
Ten of the issues were reported by external security researchers: one rated critical severity, seven high severity, and two medium severity. All are patched in Chrome 91.0.4472.101 for Windows, Mac and Linux. The most severe of these is CVE-2021-30544, a critical use-after-free bug that impacts BFCache, a browser optimization meant to enable instant back and…
PoC Exploit Released for Unpatched Flaw Affecting Chromium-Based Browsers
On April 7, at the Pwn2Own 2021 hacking competition, Bruno Keith and Niklas Baumstark of Dataflow Security earned $100,000 for a remote code execution exploit that works against web browsers that are based on Google’s open source Chromium project. The researchers demonstrated the exploit against both Chrome and Microsoft Edge. Visiting a specially crafted website…
Chinese Researchers Earn Another $20,000 for Chrome Sandbox Escape
Google informed Chrome users on Tuesday that an update for version 89 includes eight security fixes, including for six vulnerabilities reported by external researchers. The highest reward, $20,000, was awarded to researchers Leecraso and Guang Gong of the 360 Alpha Lab at Qihoo 360. The issue was described by Google as a use-after-free in screen…
Vulnerabilities Exploited at Chinese Hacking Contest Patched in Firefox, Chrome
The Firefox vulnerability, tracked as CVE-2020-26950, has been described as an issue related to write side effects in MCallGetProperty opcode not being accounted for. “In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition,” Mozilla said in an advisory published on Monday. The flaw was fixed with…
Google patches actively exploited zero-day bug that affects Chrome users
Google has recently released Chrome version 86.0.4240.111 to patch several holes. One is for a zero-day flaw – that means a vulnerability that is being actively exploited in the wild. The flaw, which is officially designated as CVE-2020-15999, occurs in the way FreeType handles PNG images embedded in fonts using the Load_SBit_Png function. FreeType is…
Chrome 86 to Alert Users of Insecure Forms
Set to be introduced in Chrome 86, the feature targets the so-called mixed forms (they are found on HTTPS pages that submit over HTTP), which are considered a risk to users’ security and privacy. Because the data transmission is not performed over a secure connection, the information introduced by the user in those forms is…
Serious Vulnerabilities Patched in Chrome, Firefox
Google included a total of 32 security fixes in Chrome 81, which was finally promoted to the stable channel, after the current COVID-19 pandemic forced the Internet giant to delay stable releases and roll back some of the recently introduced protections in Chrome. Twenty-three of the patches fix vulnerabilities reported by external security researchers, including…
Google fixes another Chrome zero-day exploited in the wild
For the third time in a year, Google has fixed a Chrome zero-day (CVE-2020-6418) that is being actively exploited by attackers in the wild. About CVE-2020-6418 No details have been shared about the attacks and about the flaw itself, apart from the short description that says it’s a type confusion flaw in V8, the JavaScript…
