Threat actors had already begun actively exploiting zero-day threat
Google has released an update to its Chrome web browser, fixing a number of security bugs. Of particular note, is the fact that the new Chrome version 86.0.4240.111 contains a patch for a recently discovered zero-day exploit.
The security bug, listed as CVE-2020-15999, is a memory corruption vulnerability, which will come as no surprise to individuals with knowledge of the Chrome security landscape. According to internal research undertaken by Google, 70 per cent of all the serious security bugs affecting Chrome are memory-related. Microsoft researchers came up with a similar figure.
This time, the patched exploit made use of a vulnerability with the FreeType font rendering library that comes packaged with Chrome. The security bug was discovered by Google’s internal Project Zero team after Chrome users were targeted by cyberattackers.
The best antivirus software available today
The best security keys for top online protection
Also, check out the best antivirus rescue disks
An essential update
Chrome users can stay protected by updating to the latest version of the browser, but other individuals may still be at risk. Other software solutions that use the FreeType library could still be targeted, so Google advises at-risk individuals to download the latest version of FreeType to get patched up.