High-Severity Memory Safety Bugs Patched With Latest Chrome 108 Update By Orbit Brain December 15, 2022 0 247 views Residence › VulnerabilitiesExcessive-Severity Reminiscence Security Bugs Patched With Newest Chrome 108 ReplaceBy Ionut Arghire on December 14, 2022TweetGoogle this week introduced a Chrome replace that resolves eight vulnerabilities within the in style browser, together with 5 reported by exterior researchers.All 5 safety defects are use-after-free flaws, a kind of reminiscence security bug that has been prevalent in Chrome over the previous years, and which Google has long-battled to get rid of.In line with Google’s advisory, 4 of those points are high-severity bugs, impacting parts reminiscent of Blink Media, Mojo IPC, Blink Frames, and Aura.The vulnerabilities have been issued CVE identifiers CVE-2022-4436 to CVE-2022-4439 and are accompanied by CVE-2022-4440, a medium-severity use-after-free.Google says it has paid $17,500 in bug bounties to the reporting researchers, however the ultimate quantity is perhaps greater, as solely 4 out of 5 rewards have been disclosed.The most recent Chrome browser launch is at present rolling out to Mac and Linux customers as model 108.0.5359.124, and to Home windows customers as model 108.0.5359.124/.125.Google makes no point out of any of those vulnerabilities being exploited in malicious assaults. Up to now, there have been 9 documented Chrome zero-day flaws in 2022.Associated to the inaccurate use of dynamic reminiscence whereas a program is working, use-after-free points exist as a result of, after liberating a reminiscence location, an software won’t clear the pointer to that location.An attacker able to use a use-after-free vulnerability could possibly crash the appliance, corrupt information, or execute arbitrary code on the machine. In Chrome, use-after-free flaws could also be used to flee the browser sandbox, which requires the exploitation of extra safety defects.Over the previous couple of years, Google introduced a number of efforts to get rid of reminiscence security bugs in each Android and Chrome, and just lately introduced improved protections in opposition to the exploitation of such vulnerabilities.Associated: Chrome 108 Patches Excessive-Severity Reminiscence Security BugsAssociated: Google Patches Eighth Chrome Zero-Day of 2022Associated: NSA Publishes Steering on Mitigating Software program Reminiscence Security PointsGet the Each day Briefing Most LatestMost LearnCISA Warns Veeam Backup & Replication Vulnerabilities Exploited in AssaultsGoogle Publicizes Vulnerability Scanner for Open Supply BuildersExcessive-Severity Reminiscence Security Bugs Patched With Newest Chrome 108 ReplaceSAP’s December 2022 Safety Updates Patch Essential VulnerabilitiesSafety Corporations Warn Microsoft of Signed Drivers Used to Kill EDR, AV ProcessesEU Strikes Nearer to Stitching Up New Information Switch Deal With USApple Patches Zero-Day Vulnerability Exploited In opposition to iPhonesICS Patch Tuesday: Siemens Fixes 80 OpenSSL, OpenSSH Flaws in SwitchesHackerOne Surpasses $230 Million in Paid Bug BountiesPatch Tuesday: Microsoft Plugs Home windows Gap Exploited in Ransomware AssaultsIn search of Malware in All of the Improper Locations?First Step For The Web’s subsequent 25 years: Including Safety to the DNSTattle Story: What Your Laptop Says About YouBe in a Place to Act By means of Cyber Situational ConsciousnessReport Reveals Closely Regulated Industries Letting Social Networking Apps Run Rampant2010, A Nice Yr To Be a Scammer.Do not Let DNS be Your Single Level of FailureLearn how to Establish Malware in a BlinkDefining and Debating Cyber WarfareThe 5 A’s that Make Cybercrime so EngagingLearn how to Defend In opposition to DDoS AssaultsSafety Budgets Not in Line with ThreatsAnycast – Three Causes Why Your DNS Community Ought to Use ItThe Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering OrganizationsUtilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous EnterpriseShare this:FacebookXPrintEmailLinkedInRedditTwitterTumblrPinterestTelegramWhatsApp browser Chrome Google memory safety patch update use-after-free vulnerability Orbit Brainhttps://orbitbrain.com/ Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy waysand much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.
Google Launches Bug Bounty Program for Open Source ProjectsIntroducing the Cyber Security News Google Launches Bug Bounty Program for Open Source Projects.... August 30, 2022 Cyber Security News
Congress Moves to Ban TikTok From US Government DevicesIntroducing the Cyber Security News Congress Moves to Ban TikTok From US Government Devices.... December 21, 2022 Cyber Security News
NSA Director Pushes Congress to Renew Surveillance PowersIntroducing the Cyber Security News NSA Director Pushes Congress to Renew Surveillance Powers.... January 13, 2023 Cyber Security News
4 Nigerians Arrested in Europe Over US Charges Involving Hacking, FraudIntroducing the Cyber Security News 4 Nigerians Arrested in Europe Over US Charges Involving Hacking, Fraud.... December 7, 2022 Cyber Security News
DigitalOcean Discloses Impact From Recent Mailchimp CyberattackIntroducing the Cyber Security News DigitalOcean Discloses Impact From Recent Mailchimp Cyberattack.... August 18, 2022 Cyber Security News
Sophos Joins List of Cybersecurity Companies Cutting StaffIntroducing the Cyber Security News Sophos Joins List of Cybersecurity Companies Cutting Staff.... January 19, 2023 Cyber Security News
Pantera Capital Plans $250M Solana (SOL) Buy, Analyst Predicts Record Rally Toward $1000March 8, 2024 76
Ethereum Blockchain Now Has A Modernized Version of Bitcoin (BTC) But With A Much Lower SupplyMarch 9, 2024 71
