With the rollout of Chrome 81.0.4044.113, a critical vulnerability in Google’s browser should be fixed, as the tech giant states on its website.
The vulnerability is comprised of a feature where part of the memory is reserved for a certain process and returned to the OS after use. However, should a program accidentally still use a specific part of the memory while another program has already written data over it, then a program can wrongly assume certain data to be correct.
Remote Code Execution
In the worst case, this method can be used by malicious parties to inject code to take over a PC. Since it dives directly into the memory, security measures from a browser itself have already been bypassed. Such Remote Code Execution is probably what the vulnerability is about, as Google has identified it as critical.
Initially, Google announced that it would roll out the update that resolves the vulnerability in the coming days and weeks, but on the 15th of April the update was already live. Chrome should update automatically (unless this is disabled), but if you want to make sure that the correct version is installed, you can check it manually. Via ‘help’ and ‘about chrome’ the version number of the browser will appear. The update that fixes the critical vulnerability is 81.0.4044.113.