Google released security updates to address two high severity vulnerabilities in the Chrome browser, one of which is a zero-day flaw actively exploited in attacks in the wild to hijack computers.
The vulnerabilities, tracked as CVE-2019-13720 and CVE-2019-13721, reside respectively in Chrome’s audio component and in the PDFium library.
The vulnerabilities affect the Chrome browser on your Windows, Mac, and Linux computers. Google released the Chrome version 78.0.3904.87 to fix the issues, users are recommended to install the update immediately.
Google did not provide technical details of the flaws, both flaws could be exploited by a remote attacker to elevate privileges on the Chrome web browser and escape sandbox protections.
“Access to bug details and links may be kept restricted
The vulnerabilities could be exploited by tricking Chrome users into
The zero-day flaw in the audio component, CVE-2019-13720, was reported by Kaspersky researchers Anton Ivanov and Alexey Kulaev. According to the security duo, the flaw has been found exploited in the wild, though the experts did not attribute the attacks to a specific threat actor.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.