Chrome 108 Patches High-Severity Memory Safety Bugs By Orbit Brain November 30, 2022 0 162 views Dwelling › VulnerabilitiesChrome 108 Patches Excessive-Severity Reminiscence Security BugsBy Ionut Arghire on November 30, 2022TweetGoogle this week introduced the discharge of Chrome 108 within the secure channel with patches for 28 vulnerabilities, together with 22 reported by exterior researchers.Of the externally reported safety defects, eight are high-severity points and 14 are medium-severity flaws.Essentially the most extreme of those bugs, based mostly on the paid bug bounty reward, is CVE-2022-4174, a sort confusion problem within the internet browser’s V8 JavaScript engine.Google credited safety researcher Zhenghang Xiao for reporting the vulnerability and says it paid a $15,000 reward for it.All of the remaining high-severity vulnerabilities are reminiscence security bugs, together with one out-of-bounds write and 6 use-after-free points.For over a yr, Google has been engaged on bettering reminiscence security in Chrome, together with by switching from C++ to a Rust compiler. Rust is taken into account a reminiscence secure programming language.The out-of-bounds write was recognized in Lacros Graphics, whereas the use-after-free flaws affect Chrome elements corresponding to Digital camera Seize, Extensions Mojo, Audio, and Kinds.The 14 medium-severity vulnerabilities embody inadequate coverage enforcement points, inadequate validation of untrusted enter flaws, inappropriate implementation bugs, and use-after-free defects.Google says it handed out over $70,000 in bug bounty rewards to the reporting researchers, however the ultimate quantity could be increased, because the web big has but to find out the quantity to be paid for a few of the bugs.No reward will probably be paid for a number of of the bugs, as they’ve been reported by Google Undertaking Zero and Microsoft researchers.Google made no point out of any of those vulnerabilities being exploited in assaults.The newest Chrome iteration is now rolling out as model 108.0.5359.71 for Mac and Linux and as model 108.0.5359.71/72 for Home windows.Chrome 108 was launched solely days after Google issued an emergency replace to handle a zero-day within the internet browser, the eighth to be publicly disclosed in 2022.Associated: Google Pays $45,000 for Excessive-Severity Vulnerabilities Present in ChromeAssociated: Google Pays Out Over $50,000 for Vulnerabilities Patched by Chrome 107Associated: Google Improves Chrome Protections Towards Use-After-Free Bug ExploitationGet the Day by day Briefing Most CurrentMost LearnOne 12 months Later: Log4Shell Remediation Gradual, Painful SlogDo not Let Your Profession Go the Method of Leisure 720Traders Guess $31 Million on Sphere for Identification Hygiene TechGoogle Hyperlinks Exploitation Frameworks to Spanish Adware Vendor VaristonChrome 108 Patches Excessive-Severity Reminiscence Security BugsDelta Electronics Patches Critical Flaws in Industrial Networking UnitsBuilders Warned of Crucial Distant Code Execution Flaw in Quarkus Java FrameworkSelf-Replicating Malware Utilized by Chinese language Cyberspies Spreads by way of USB DrivesOT:Icefall Continues With Vulnerabilities in Festo, Codesys MerchandiseRansomware Gang Takes Credit score for Maple Leaf Meals HackIn search of Malware in All of the Flawed Locations?First Step For The Web’s subsequent 25 years: Including Safety to the DNSTattle Story: What Your Pc Says About YouBe in a Place to Act Via Cyber Situational ConsciousnessReport Reveals Closely Regulated Industries Letting Social Networking Apps Run Rampant2010, A Nice 12 months To Be a Scammer.Do not Let DNS be Your Single Level of FailureTips on how to Determine Malware in a BlinkDefining and Debating Cyber WarfareThe 5 A’s that Make Cybercrime so EngagingTips on how to Defend Towards DDoS AssaultsSafety Budgets Not in Line with ThreatsAnycast – Three Causes Why Your DNS Community Ought to Use ItThe Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering OrganizationsUtilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous EnterpriseShare this:FacebookXPrintEmailLinkedInRedditTwitterTumblrPinterestTelegramWhatsApp browser Chrome Google memory bug patch update use-after-free vulnerability Orbit Brainhttps://orbitbrain.com/ Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy waysand much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.
N Korean APT Uses Browser Extension to Steal Emails From Foreign Policy, Nuclear TargetsIntroducing the Cyber Security News N Korean APT Uses Browser Extension to Steal Emails From Foreign Policy, Nuclear Targets.... July 29, 2022 Cyber Security News
Whistleblower: China, India Had Agents Working for TwitterIntroducing the Cyber Security News Whistleblower: China, India Had Agents Working for Twitter.... September 14, 2022 Cyber Security News
Apple Adds ‘Lockdown Mode’ to Thwart .Gov Mercenary SpywareIntroducing the Cyber Security News Apple Adds ‘Lockdown Mode’ to Thwart .Gov Mercenary Spyware.... July 6, 2022 Cyber Security News
US Government Agencies Issue Guidance on Threats to 5G Network SlicingIntroducing the Cyber Security News US Government Agencies Issue Guidance on Threats to 5G Network Slicing.... December 15, 2022 Cyber Security News
Investment in IIoT/OT Security Leads to Reduced Incident Impact: StudyIntroducing the Cyber Security News Investment in IIoT/OT Security Leads to Reduced Incident Impact: Study.... July 14, 2022 Cyber Security News
Leaked Algolia API Keys Exposed Data of Millions of UsersIntroducing the Cyber Security News Leaked Algolia API Keys Exposed Data of Millions of Users.... November 22, 2022 Cyber Security News
Pantera Capital Plans $250M Solana (SOL) Buy, Analyst Predicts Record Rally Toward $1000March 8, 2024 77
Ethereum Blockchain Now Has A Modernized Version of Bitcoin (BTC) But With A Much Lower SupplyMarch 9, 2024 71