Google today released a Chrome update to fix three security vulnerabilities. This includes a zero-day vulnerability patch, which is being actively exploited. Details of the attacks have not been made public, butmedia zDNet noted that Clement Lecigne, a member of Google’s threat analysis team, discovered the problem last week (February 18). As a division of Google, it is primarily responsible for investigating and tracking the source of security threats.
Google has now released an update for Chrome 80.0.3987.122 for Windows/Ma/Linux, and the Chrome OS/iOS/Android version is also available later.
The so-called type confusion refers to the type of operation that the application performs incorrectly on the input data when coding is initialized.
An attacker can trick the browser with carefully fabricated code, causing a logical error in the program’s memory and even running malicious code without restriction.
It’s also the third Chrome Zero-Day vulnerability to be exploited in the past year.
Last March, for example, Google fixed the CVE-2019-5786 vulnerability in Chrome 72.0.3626.121, and then the CVE-2019-13720 vulnerability in Chrome 78.0.3904.8 in November.
Finally, Chrome v80.0.3987.122 comes with two additional security updates, but it is not yet available in the wild.