Vulnerability Description

On February 25, security updates were released for Google Chrome and Microsoft Edge. The open-source JavaScript and WebAssembly engines in V8 in Google Chrome before 80.0.3987.122 and Microsoft Edge browser before 80.0.361.62 are prone to a type confusion vulnerability (CVE-2020-6418), which allows attackers to access data in an unauthorized way, thereby executing malicious code. According to researchers, this vulnerability has been exploited for attacks before security updates were released. Currently, details have been made public available. Users of Google Chrome and Microsoft Edge browsers adopting V8 are advised to install the updates as soon as possible. (more…)