Google has released a security update to address a vulnerability that could endanger millions of Chrome users. The latest update fixes a zero-day vulnerability and addresses a bug in Chrome related to image processing.
Zero-day vulnerability fixed for Google Chrome
Google, together with Apple’s Security Engineering and Architecture team, disclosed a significant zero-day flaw on September 6. Following the discovery of the flaw, work began on a security package. The vulnerability has been fixed in version 116.0.5845.187 for Mac and 116.0.5845.187.188 for Windows.
According to the statement from the technology giant, a vulnerability caused by WebP extension images in Chrome could be used by hackers. The flaw, called a heap buffer overflow flaw, opened the door to hacking through Chrome.
Simply put, a heap buffer overflow is when the buffer is used more than what is allocated for a program. This could have allowed hackers to execute arbitrary code on the device using Chrome.
Google did not provide any technical details about the vulnerability. But it classified the flaw as “critical”, saying it could have been exploited by hackers. Note that the vulnerability has been fixed in version 116.0.5845.187 for Mac and Linux and 116.0.5845.187.188 for Windows.
Google has made the new package available for the Stable and Canary program. If you have received an update for Chrome, we recommend that you install it immediately. If the update is not yet available, it will be available in the coming days.
So what do you think about this issue? You can share your ideas with us in the comments section.