Pair engineer malicious code from public source tweak before official binary releases
Google has updated Chrome for Linux, Mac, and Windows to address three security vulnerabilities – and exploit code for one of them is already public, so get patching.
In a release note on Monday, Krishna Govind, a test engineer at Google, said Chrome version 80.0.3987.122 addresses three flaws identified by various researchers. Each is rated high severity.
One, reported by André Bargull, is an integer-overflow bug in International Components for Unicode (ICU), a set of libraries for C/C++ and Java that handle Unicode and globalization support. This bug earned a $5,000 bounty from Google for Bargull, and no CVE has been issued.
The second fla ..
Support the originator by clicking the read the rest link below.