A new zero-day attack has been discovered in google chrome which allows for memory corruption.

The vulnerability exists in Chrome’s ‘Freetype’ font rendering library which handles all the fonts you see on chrome and the way they are displayed on websites.

A memory corruption attack allows an attacker to exploit a program’s deficiencies to overwrite parts of memory that then cause the program to behave in a way that was not intended. This memory corruption attack (Heap Buffer Overflow) allows for on the fly code execution allowing attackers to deliver a malicious package via your browser. Allowing an attacker to execute code from within Chrome, potentially giving them access to your details and passwords.

Google has already released a fix for this exploit along with 4 other bugs, 3 of which were marked as ‘high-risk’. Security researchers are urging other companies that use Freetype’s library (such as Twitter) to ensure that their systems are not compromised by the same bug.

Although the Chrome web browser automatically notifies users about the latest available version, users are recommended to manually trigger the update process by going to “Help > About Google Chrome” from the menu in the top right of the screen.

We urge everyone to always ensure you keep all your programs up to date with the latest versions and security fixes as it could mean the difference between a successful attack or not.

Subscribe today to receive our latest updates!

Subscribe

Get in Touch Today!

Thank you for your message. It has been sent.
There was an error trying to send your message. Please try again later.

Related Posts

If you enjoyed reading this, please explore our other articles below:

Technology is no longer a tool; it is the lifeblood...
Read More
Imagine your IT infrastructure as a castle. The typical defences...
Read More
In the lightning-fast pace of today’s business landscape, organisational survival...
Read More
In Europe, the walled garden of Apple’s App Store is...
Read More
back to all posts