These zero-day vulnerabilities are getting a bit rich.
Chrome users may want to get on the latest update as it includes 11 security fixes for the browser. This update may not be as fun as one that has a new logo or improves your RAM, but for anyone with safety in mind it's a pretty important rollout.
According to SecurityWeek, one of the security fixes in the 104.0.5112.101/102 update is for zero-day vulnerabilities—ones that are found by malicious parties before the vendor or owner of the software is aware of them.
In the case of Chrome's latest update, only one out of the 11 fixes appears to be for a zero-day vulnerability, but this is the fifth such exploit patched by Chrome this year. This marks a surge in zero-day exploits that Google has had to cover for.
Other bug fixes in the patch repair several different vulnerabilities regarding use-after-free. This usually refers to programs not clearing memory after use, leaving a pointer that can be exploited by attackers. Given they make up the lion's share of the fixes, it seems these floating points have been a real problem for Chrome.
You can get a look at all the fixes in this patch on Google's official Chrome Releases page. Not only does it tell you what each fix addresses, but also gives credit to those who reported the issue in the first place. Sometimes these are Google employees, but can often include free agents who are looking to help.
What's pretty neat about this list is you can also see what compensation was awarded to the reporters by Google. For example, one use-after-free bug was reported by an anonymous source (to us anyway) and we can see they were paid $5,000 for their troubles. It's nice to see that hunting down exploits in Chrome is at least a little bit rewarding for those looking to do good as well as evil.
Yesterday I ignored 10 tornado warnings to finish a Destiny 2 raid, didn't get the exotic drop, and disappointed my fiancée. Is there some sort of lesson here?
I didn't expect my favorite cozy MMO to do a crossover with a Finnish children's series
CD Projekt's Pawel Sasko tells the inspiring tale of how an Estonian beet farmer in Australia became a senior quest designer on The Witcher 4
Интервью AppTime с компанией Innova: релиз Gran Saga в России, внутриигровая оплата и «Масленица» в корейской MMO
«Бегал в костюме красноармейца по ресторану отца Андрея Бурковского» Михаил Башкатов в шоу «Вкусно с Анфисой Чеховой» на ТВ-3 рассказал о первом заработке
Спектакль Сергея Безрукова откроет сезон в нижегородском театре оперы и балета
Филиал «Красноярский» компании «ЛокоТех-Сервис» стал партнером создания образовательно-производственного центра
Игрок "Динамо" Тюкавин рассказал, что в клубе ему помогают бороться с аэрофобией
Логвинов о пластике Старлайт из «Пацанов»: «Красивейшая баба, добившаяся успеха, считает себя какой-то не такой и превращается в стремную фарфоровую куклу»
Администрация Наро-Фоминска провела выездное заседание в деревне Шустиково
Агент Шмелев: россияне могут взять ипотеку без первого взноса
Собянин рассказал о мерах поддержки московских предприятий