High-Severity Vulnerability in Google Chrome (CVE-2020-6418)

Published on 26 Feb 2020

Updated on 26 Feb 2020

Google has released Chrome version 80.0.3987.122 for Windows, Mac and Linux to address a high-severity vulnerability (CVE-2020-6418). There are reports that an exploit for CVE-2020-6418 exists in the wild.

This vulnerability exists due to a type confusion in Chrome's V8 JavaScript Engine. Successful exploitation of this vulnerability could corrupt memory and allow an attacker to execute arbitrary code.

Users of affected products are advised to install the latest security updates immediately. All users are encouraged to enable the automatic update function to ensure prompt software updates are performed.

More information is available here:
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
https://www.zdnet.com/article/google-patches-chrome-zero-day-under-active-attacks/
https://www.tenable.com/blog/cve-2020-6418-google-chrome-type-confusion-vulnerability-exploited-in-the-wild