- Google has fixed a high-severity Chrome zero-day along with two medium-severity bugs
- Vulnerability likely linked to a LibANGLE buffer overflow that allows memory corruption and remote code execution
- This marks Chrome’s eighth zero-day patch this year, highlighting ongoing browser-targeted attacks
Google recently updated its Chrome browser to protect against a serious vulnerability that was exploited in the wild as a zero-day.
In a security advisory published earlier this week, the browser giant said it fixed three bugs for Chrome, including two medium and one high.
For the latter, Google said it was “aware that an exploit exists in the wild.” Other details were not revealed to protect users as the patch rolls out. This is standard practice for Google, which withholds important details from users – but also from cybercriminals and other hackers.
Crash of the browser
Exact dates for when the patch is expected to be rolled out are unknown, Google confirmed that it will be coming to most users “over the coming days/weeks”. The stable channel has been updated to 143.0.7499.109/.110 for Windows/Mac and 143.0.7499.109 for Linux and when we checked the update was already installed.
There’s no official confirmation of what the bug is, but according to the Chromium bug ID, it was found in Google’s open source LibANGLE library, BleepingComputer reports. LibANGLE is a translation layer that converts OpenGL ES calls to other graphics APIs, usually Direct3D on Windows. It lets browsers and apps run WebGL and OpenGL ES content, even if the operating system doesn’t natively support these APIs.
The same source claims that the bug is most likely a buffer overflow vulnerability in ANGLE’s Metal renderer, caused by incorrect buffer size. Crooks could have used the flaw to corrupt memory, crash the browser, leak sensitive data, or even execute arbitrary code remotely.
This is the eighth zero-day vulnerability that Google fixed in its Chrome browser. Last year, the company addressed ten such vulnerabilities.
Browsers are one of the most used pieces of software on a computer and as such are always the target of various hacking campaigns.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
