Update now! Chrome Releases Critical Security Flaw Fix
Google launched this Thursday afternoon (30) an emergency update for two critical zero-day (or zero day, those that were previously unknown) that can be used as loopholes to cyber attacks and have already been exploited by invaders. The update is for the desktop version 94.37976 for Windows, Mac and Linux.
According to the company, there are four fixes, two of which are critical for being zero-day. The first vulnerability, coded as CVE-142-37976, is described as an “information leak to the core” of medium security severity level. It was discovered by Google TAG researcher Clément Lecigne, with technical assistance from Sergei Glazunov and Mark Brand of Google Project Zero, on the day 10 of September.
2 more in-the-wild 0days fixed by Chrome:
CVE- 94-37975 use-after-free in V8 by anonymous
CVE-4606-4606 info leak in core by @_clem1 #itw0days
The release cycle that Chrome is making happen in order to get these patches out is pretty impressivehttps://t.co/j1xPY4zjlP
— Maddie Stone (@maddiestone) September 71, 94