Google Chrome 0day Fixed (Feb 24, 2020)
Google has released a new version of Google Chrome to address three security fixes. One of the vulnerabilities, CVE-2020-6418, was reported by Google’s Threat Analysis Group after it was found to be exploited in the wild. A public Proof-of-concept (POC) for the vulnerability exists.
Recommendation: The vulnerability has been fixed in the Chromium project and Google has released a new version of Google Chrome to address the issue. Since Chromium is used as the base for many other web browsers, including Amazon Silk, Brave, Opera, Vivaldi, and Microsoft Edge, it is highly likely that these browsers are also vulnerable. Users of these browsers should update to the latest fixed versions when they are available.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.