advertisement
Google’s popular web browser Chrome was reported with a zero-day vulnerability bug that could have forced PC users to click on malicious website links inserted by attackers. Zero-day bugs are those which haven’t been reported before or not known to the Google’s security team.
“Google is aware of reports that an exploit for CVE-2020-6418 exists in the wild,” it has mentioned in this post.
And in order to fix this issue, Google has patched the web browser which is available through the version 80.0.3987.122 for Windows, Mac, and Linux users. This update will be rolling out to users in the coming days/weeks.
This development was also shared by Antti Tikkanen who is part of Google's Threat Analyst Group through this tweet.
Google has also clarified that details about the bug and its links have been kept restricted until majority of Chrome users do not update with the fix released. In total, Google has notified about three, high-level threats that have been reported to the search giant by different researchers.
Without Google sharing details about the vulnerability, it would be hard to ascertain if the loophole has been exploited by hackers, and if so, these incidents are likely to have been spotted in isolation.
Although, it does specifically talk about a Type Confusion vulnerability which exploits the JavaScript, allowing hackers to cause errors in Chrome as well as run unrestricted codes on the affected device.
It is concerning that Google is being extremely cagey about sharing details about this bug, which is why it is highly advised that you update Chrome (on the aforementioned platforms) right away.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)