36 mins Google fixes multiple security bugs in Android, Chrome OS.Google has released long term channel updates to fix these security bugs, which were reported in Chrome OS LTS channel versions prior to 102. Insufficient validation of untrusted input in DevTools was also found to exist. The security flaws were found after using free network service like WebSQL, Sign-In Flow, Input and SplitScreen.Īlso read: Google Maps gets improved live view and eco-friendly routing in the latest updateīugs were also reported to exist due to inappropriate implementation in site Isolation and Chrome OS lockscreen heap buffer overflow in internals, screen capture, exosphere, Ash and WebUI. Security bugs in Chrome OS were exploited by bypassing security restrictions, which executed arbitrary code and caused denial of services on affected systems. CERT-In stated that these bugs could be exploited by sending specially crafted requests. CERT-In’s report flagged Android OS versions 10, 11, 12, 12L and 13 for these security bugs. The update takes the browser to version 1.41.WhatsApp releases fixes for security bugs affecting Android and iOS devicesĭetails of the security bugs were also shared by Android in their security bulletin while requesting users to update their software. None of these have been exploited yet, the company says, but seven are rated as being a high risk. On April 27, Google announced another Chrome update, fixing 30 security vulnerabilities. The Chrome issue also impacts other Chromium-based browsers, including Brave, Microsoft Edge, Opera, and Vivaldi, so if you use one of those, make sure you apply the patch.īut that’s not all. You’ll need to restart Chrome after the update has installed to ensure it activates. If you use Chrome, your browser should now be on version 1.127 to include the fix.
The technical details aren’t currently available, but the timing of the fix-just a day after it was reported-indicates it’s pretty serious. The latest, pushed out in mid-April, fixes two issues including a high-severity zero-day vulnerability, CVE-2022-1364, which is already being used by attackers. It has been a particularly busy month for the team behind Google’s Chrome browser, which has seen several security updates within weeks of each other.
0 kommentar(er)
