Google Patches Chrome Zero-Day Vulnerabilities Under Active Attack

Nov. 2, 2019

While the former was reported by Kaspersky researchers, Anton Ivanov and Alexey Kulaev, last Tuesday, the latter was reported earlier this month by an anonymous user who goes by their online pseudonym,‘banananapenguin’. According to Google, it is the former, the one reported by folks at Kaspersky, that is being actively exploited by hackers in the wild.

According toThe Hacker News, boththe bugs are use-after-free vulnerabilities, a type of memory corruption that can enable hackers to potentially modify data in the system memory from a remote location. Thereafter, they can escape sandbox protections to surreptitiously escalate privileges and run arbitrary malicious code on affected systems. Basically, both are critical flaws that could pose severe security threats, which is why Google is advising all users to update to the latest version of Chrome as soon as possible.

Passionate techie. Professional tech writer. Proud geek.