Google Chrome Gets Second Security Update in Two Weeks That Fixes a Critical Zero-Day Vulnerability
- Last Updated: November 03, 2020, 21:21 IST
- FOLLOW US ON:
Google Chrome desktop browser is receiving a new security update that patches ten bugs with high-risk ratings. This is the second security update Google has released in the last two weeks that also addresses a zero-day vulnerability, identified as CVE-2020-16009 on the browser. The zero-day vulnerability was found to be affecting Google Chrome desktop application for Windows, Mac and Linux systems, and it was discovered by Google's Threat Analysis Group (TAG). Chrome desktop users are advised to upgrade the browser to version 86.0.4240.183 or later to ensure the safety of their system.
In October, Google had released an update for stable Chrome channels that also addressed another zero-day vulnerability CVE-2020-15999. The bug appeared to be affecting Chrome's FreeType font rendering library, the company had said. According to ZDNet, the October Chrome zero-day bug was utilised together with a Windows zero-day bug (CVE-2020-17087) to target systems running Windows 7 and above. Microsoft is expected to patch this zero-day bug through an update slated to release on November 10, while Google has already addressed the issue. It is unclear whether the two vulnerabilities were exploited by the same threat actors; however, Shane Huntley, Director of Google’s Threat Analysis Group (TAG) has confirmed that are not related to any US election-related targeting.