Google patches another major Chrome zero-day

INSUBCONTINENT EXCLUSIVE:
Engineers at Google have released an urgent update for the company's Chrome browser which patches an actively exploited zero-day vulnerability.

In a blog post announcing the stable channel update of Chrome's 78.0.3904.87 release, the engineers revealed that they knew the zero-day was being exploited in the wild and thanked the security researchers who brought this matter to their attention, saying:

“Google is aware of reports that an exploit for CVE-2019-13720 exists in the wild. We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.”

The zero-day vulnerability was discovered being exploited in the wild by Anton Ivanov and Alexey Kulaev, two security researchers from Kaspersky.

The zero-day itself was described as a use-after-free vulnerability in Chrome's audio component. Use-after-free vulnerabilities are memory corruption bugs that result when an application tries to reference memory that had previously been assigned to it but was freed or deleted.

Generally these types of vulnerabilities cause a program to crash, but they can also lead to other unintended consequences, as was the case with another Chrome zero-day Google patched back in March. That vulnerability, CVE-2019-5786, was used alongside a Windows 7 zero-day which was also patched back in April. According to Kaspersky, both exploits were used together by an unnamed nation-state hacking group.

At this time, it is still unclear whether this latest Chrome zero-day was used to launch attacks against Chrome users or whether it is part of a more complex exploit chain that exploits several vulnerabilities, as was the case back in March.

Via ZDNet