Skip to main content

Google Chrome flaws almost always relate to memory management processes

(Image credit: Image Credit: Earl Jeffson / Flickr)

The majority of serious vulnerabilities in the Google Chrome browser are related to the way the software handles memory, Google engineers have confirmed.

According to a ZDNet report, 70 percent of all Chrome security issues are memory-related. Half of these, meanwhile, are are use-after-free vulnerabilities, which occur after poor handling of memory pointers.

Since March 2019, the firm found 125 out of 130 “critical” Chrome vulnerabilities were related to memory corruption issues.

To inform the report, Google's engineers analysed a total of 912 “high severity” and “critical” security bugs found in all stable versions of Google Chrome issued since 2015.

Google, however, is not the only firm to struggle with issues of this type. Microsoft also said that around 70 percent of vulnerabilities in its products relate to memory safety, suggesting that the main problem lies in the programming languages used to develop these products: C and C++.

These programming languages were built at a time when security exploitation and cyberattacks were not as prominent as they are today, leading many software companies to seek out alternative languages. 

Rust is emerging as a frontrunner as a result of Mozilla’s efforts, according to sections of the media.