标题:谷歌Chrome浏览器紧急更新修复三项严重漏洞,黑客利用零日漏洞进行攻击
摘要:谷歌昨天为桌面平台Chrome浏览器发布了120.0.6099.234/235版本更新,紧急修复了三项严重漏洞,其中包括一项已被黑客利用的CVE-2024-0519零日漏洞。该漏洞允许黑客通过特定HTML页面触发堆栈损坏,在受害者设备上执行恶意代码。
正文:谷歌Chrome浏览器的桌面平台最近收到了一次重要的更新,版本号为120.0.6099.234/235。这次更新的主要目的是紧急修复三项严重的安全漏洞,以保护用户的网络安全。
这三项漏洞中,最引人关注的是CVE-2024-0519零日漏洞。这个漏洞存在于Chrome浏览器的V8引擎中,是一个内存访问漏洞。黑客可以利用这个漏洞通过特定的HTML页面触发堆栈损坏,进而在受害者的设备上执行恶意代码。
谷歌已经注意到了这个漏洞,并且正在积极地与全球的安全研究人员合作,以防止这个漏洞被进一步利用。同时,谷歌也已经发布了一个补丁,建议用户尽快安装,以保护自己的设备不受这个漏洞的影响。
此外,谷歌还在最新版本的Chrome Canary版本(122.0.6251.0)中更新了浏览器对无痕模式的描述,以避免被指控“即使在用户开启Chrome无痕模式后仍非法跟踪浏览活动”。
谷歌一直将用户的网络安全放在首位,这次的更新再次证明了这一点。谷歌呼吁所有用户尽快安装这个补丁,以防止自己成为黑客攻击的目标。
英语如下:
Title: Google Emergencyly Fixes Three Serious Vulnerabilities in Chrome Browser, Hackers Exploiting Zero-Day Vulnerability!
Keywords: 1. Chrome Browser Update
Summary: Google yesterday released version updates for the desktop platform of Chrome Browser, 120.0.6099.234/235, urgently fixing three serious vulnerabilities, including a zero-day vulnerability (CVE-2024-0519) that has already been exploited by hackers. This vulnerability allows hackers to trigger stack corruption through specific HTML pages and execute malicious code on the victim’s device.
Body: The Google Chrome Browser for the desktop platform has recently received an important update, with the version number being 120.0.6099.234/235. The main purpose of this update is to urgently fix three serious security vulnerabilities to protect users’ network security.
Among these three vulnerabilities, the most notable one is the CVE-2024-0519 zero-day vulnerability. This vulnerability exists in the V8 engine of Chrome Browser and is an memory access vulnerability. Hackers can exploit this vulnerability to trigger stack corruption through specific HTML pages, thus executing malicious code on the victim’s device.
Google has noticed this vulnerability and is actively cooperating with security researchers worldwide to prevent it from being further exploited. At the same time, Google has also released a patch, recommending that users install it as soon as possible to protect their devices from this vulnerability.
In addition, Google updated the description of browser’s incognito mode in the latest version of Chrome Canary (122.0.6251.0) to avoid accusations that “even after enabling Chrome incognito mode, they still illegally track browsing activities.”
Google always puts users’ network security first, and this update once again proves this point. Google calls on all users to install this patch as soon as possible to prevent themselves from becoming the target of hacker attacks.
【来源】https://www.ithome.com/0/745/735.htm
Views: 1