Skip to main content

Another Chrome zero-day gets patched by Google

(Image credit: Image Credit: Anthony Spadafora)

Google’s Chrome browser has recently received a new patch which eliminates an actively exploited zero-day vulnerability. 

According to the company’s report on the matter, the urgent update was released on late Halloween night, patching exploit CVE-2019-13720, bringing Chrome to version v78.03904.87.

The zero-day vulnerability was described as a “use-aster-free” bug in Chrome’s audio component. Google said that two Kaspersky Labs researchers, Anton Ivanov and Alexey Kulaev, were the ones to first spot the flaw.

Nor Kaspersky, nor the two researchers, commented on the findings.

The new patch is available now for Windows, Mac and Linux. All users will get in in a few weeks’ time, but if you’re eager to get the patch rolling, you can trigger a manual update immediately by opening up Chrome’s Help>About Google Chrome section.

Google been working hard to maintain the security of its browser. Last month, it added the Site Isolation feature to Chrome for Android.

Site Isolation is a feature for Google Chrome which was developed and released last year. It’s a way to isolate one website from another, so that when a user types in their credentials in one website/tab, hackers wouldn’t be able to steal it from another one.

The tool was released just before Spectre and Meltdown flaws were uncovered. Even though the tool doesn’t help against flaws in the chip itself, it does eliminate the flaw from operating through the browser.

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.