Get the latest tech news

Google Chrome Gets Third Emergency Update In A Week As Attacks Continue

Another Chrome attack is now underway.

ForbesWhy You Should Never Use Your Credit Card On These WebsitesBy Zak Doffman This vulnerability impacts Chrome’s V8 JavaScript and WebAssembly engine, enabling “a remote attacker to perform an out of bounds memory write via a crafted HTML page.” The severity of the threat is set as “high,” but with this being exploited, it is critical users update and relaunch as soon as they can. This is a memory issue—as are almost all Chrome zero days, and this type of vulnerability usually means a crafted HTML page could trigger the system to crash or open the door to a further exploit. ForbesTelegram's Attack On Signal Turns Focus On Its Own Security FailingsBy Zak Doffman Update 5/15: Notwithstanding the awkward optics of [three] emergency updates inside a week, or the latest delay in depreciating tracking cookies, Google does seem to be on a mission to improve Chrome’s security, with such initiatives as addressing common memory issues with its V8 sandbox and session cookie theft with its clever new Device Bound Session Credentials(DBSC) approach.

Get the Android app