Google Chrome Update Gets Serious: Homeland Security (CISA) Confirms Attacks Underway

by
Fnord666
from SoylentNews on (#5AFQN)

upstart writes in with an IRC submission:

Google Chrome Update Gets Serious: Homeland Security (CISA) Confirms Attacks Underway:

Homeland Security cybersecurity agency says update Google Chrome as attackers home in on new security flaws.

Within the space of just three short weeks, Google has patched no less than five potentially dangerous vulnerabilities in the Chrome web browser.

These are not your common vulnerabilities either, but rather ones known as zero-days. A zero-day being a vulnerability that is being actively exploited by attackers while remaining unknown to the vendor or threat intelligence outfits.

Once the vendor becomes aware of the security flaw, day zero, it can start to mitigate against exploitation but not before. The attackers, therefore, have a head start.

The latest two zero-days to be discovered are classed as high-severity in nature and affect Chrome for Windows, Mac and Linux.

The precise details of CVE-2020-16013 and CVE-2020-16017 have not yet been made public as Google restricts access to such information until the majority of users have updated.

However, the Department of Homeland Security cybersecurity agency, CISA, has advised that an attacker "could exploit one of these vulnerabilities to take control of an affected system."

CVE links for future reference:
CVE-2020-16013
CVE-2020-16017

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments