Google fixes 5 security issues of the Chrome browser, including high-risk vulnerabilities that have been exploited

  Original title: Google fixes 5 security issues of Chrome browser, among which are high-risk vulnerabilities that have been exploited

  Source: cnbeta

   Google has patched 5 security vulnerabilities in its Chrome browser, one of which is being used wildly by malicious people. These vulnerabilities include 1 buffer overflow and 3 destructive flaws that cause the program to crash arbitrary code execution memory data, but CVE-2020-15999 is undoubtedly the most serious, it can even automatically install custom fonts for your browser.

   High-risk level vulnerability CVE-2020 -15999 is a heap buffer overflow in Freetype, discovered by Google Project Zero on October 19.

   Google Project Zero did not disclose the technical details of CVE-2020-15999, which has been widely used in cyber attacks to avoid further large-scale exploitation by threat actors, but it is believed to be related to the website requesting the installation of Web Open Font Format font capabilities are related, so it is likely that this vulnerability can be exploited just by visiting some specially designed websites.

   Chrome browser version earlier than 86.0.4240.111 has the above-mentioned vulnerability. If you have a pending update, it may be a good time to restart your browser. If you don’t have one, it may be a good idea to update immediately. Click Help About in the Chrome menu and the system will automatically detect the latest update, or go to Google Download the latest version directly from the official website.

Author:SINA,If you need to reprint,please indicate the source: