![]() ![]() Earlier this month, Google patched a separate flaw in Chrome that appeared to be tied to the notorious surveillance NSO Group, a company that sells spyware to foreign governments.įor CVE-2023-5217, Google released the patch through Chrome version 1.132 for Windows, macOS, and Linux. ![]() The fix arrives as the security community has spotted a surge in zero-day exploits from commercial spyware companies. Such errors can be exploited to execute rogue computer code, like triggering a browser to open a hacker-controlled web page or to download malware. The vulnerability, dubbed CVE-2023-5217, involves how the Chrome browser processes the VP8 video compression format. It can trigger a “heap buffer overflow” in a VP8 library, meaning data can be overwritten in the browser’s adjacent memory locations. Google rated the threat as a “high” severity bug. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |