• Home
  • Apps
  • Apps News
  • Google Chrome for Android Gets a Zero Day Vulnerability Fix Following Two Patches on Desktop Version

Google Chrome for Android Gets a Zero-Day Vulnerability Fix Following Two Patches on Desktop Version

Google Chrome for Android version 86.0.4240.185 has been rolled out with the latest security fix.

Google Chrome for Android Gets a Zero-Day Vulnerability Fix Following Two Patches on Desktop Version

Google Chrome for Android users are recommended to quickly install the latest update

Highlights
  • Google Chrome for Android update also includes performance improvements
  • The zero-day issue has been identified as CVE-2020-16010
  • Google Chrome for desktop received a zero-day fix just earlier this week

Google has released a new Chrome for Android update to fix a zero-day flaw that is currently exploited in the wild. The new update arrives just days after Google fixed two zero-day vulnerabilities in the desktop version of its Chrome browser. Details related to the attack are not yet public as a majority of Chrome for Android users are yet to install the update. Alongside the security fixes that include those rolled out initially for desktop users, the latest Chrome update also includes stability and performance improvements.

The latest Chrome for Android update carries version number 86.0.4240.185 that includes fixes for a heap buffer overflow vulnerability, listed as CVE-2020-16010. The issue exists in the user interface (UI) component of the Web browser.

Google is aware of reports that an exploit for CVE-2020-16010 exists in the wild,” the company said in a blog post.

Google's Project Zero team reported the highly severe vulnerability on October 31. Further, the Threat Analysis Group (TAG) at Google, responsible for tracking threat actors, has been credited for discovering the zero-day attacks related to Chrome for Android.

Details of the bug and its exploit are not yet revealed as the update is currently in its rollout process. However, Google said that the new version would become available for download through Google Play over the next few weeks.

Earlier this week, Google rolled out a security update for its Chrome browser on desktops that patched a zero-day vulnerability, tracked as CVE-2020-16009, that existed in JavaScript engine V8.

Prior to the last update, Google patched another zero-day issue affecting its Chrome desktop version last month. That vulnerability, identified as CVE-2020-15999, impacted the FreeType font rendering library of the browser.

It is unclear whether the three zero-day bugs discovered in the last one month are exploited by a single threat actor or multiple groups. Having said that, users on both Android and desktop versions of the Chrome browser are recommended to install the latest updates as soon as they are available.


Is Android One holding back Nokia smartphones in India? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Jagmeet Singh writes about consumer technology for Gadgets 360, out of New Delhi. Jagmeet is a senior reporter for Gadgets 360, and has frequently written about apps, computer security, Internet services, and telecom developments. Jagmeet is available on Twitter at @JagmeetS13 or Email at jagmeets@ndtv.com. Please send in your leads and tips. More
Samsung’s Next True Wireless Earphones Could Be Called the Galaxy Buds Beyond
Share on Facebook Tweet Snapchat Share Reddit Comment
 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2021. All rights reserved.
Listen to the latest songs, only on JioSaavn.com