The security flaw threatens more than 2 billion Google Chrome users

Page Forbes said, Google has just confirmed the two vulnerabilities rated as severely affecting the Chrome web browser, and release immediately an update just three weeks after launching Chrome 81 market in April 7.4. Because this security incident easily paves the way for an attacker to gain control of the system, the US Department of Infrastructure and Network Security (CISA) recommends that all users immediately update the latest patch. .

According to Prudhvikumar Bommana - Google Chrome's technical manager, the two security holes were first discovered by Zhe Jin, an expert at security company Qihoo 360 (China).

CVE-2020-6462, one of the two vulnerabilities identified as a use-after-free (allowing hackers to attack after users interact with malware) related to the task scheduling function of Chrome. This discovery brought a $ 10,000 bonus to Jin. Meanwhile, the second vulnerability, dubbed CVE-2020-6461, affects storage.

Another critical security flaw, discovered in the April 15 Chrome update, was also discovered by security researchers at Qihoo 360 and reported to Google.

The details of the issue have not been publicly released to ensure as many users have updated as possible before hackers could take advantage of official information.

There is currently no evidence that any successful exploits with these two vulnerabilities were found. The safest version of Chrome right now is 81.0.4044.129, users of Google's web browser, even if they are using computers using Windows, macOS or Linux, are encouraged to update to the latest software patch to avoid risks. ro.