Google has released a new security update for the Chrome for Android web browser that fixes a critical zero-day vulnerability that is being exploited in the wild.
The company has released Chrome 86 version 86.0.4240.185 for Android with fixes for vulnerability listed as CVE-2020-16010, which entails heap buffer overflow in the user interface component of Chrome for Android. Google said that the security vulnerability allowed hackers to bypass Chrome security sandbox for Android and run their malicious code on the operating system.
The company while crediting its Threat Analysis Group (TAG) team for discovering the critical vulnerability noted that the security patch that will be available to the users on Google’s Play Store over the coming few weeks not only fixes the critical vulnerability but it also includes stability and performance improvements.
Notably, this is the third Chrome vulnerability that has been discovered by the TAG team in the past two weeks.
Earlier this week, the company rolled out a security update for the desktop version of its Chrome web browser that fixed a vulnerability titled CVE-2020-16009, which entailed a remote code execution in the Chrome V8 JavaScript engine.
Prior to that, the company fixed another zero-day vulnerability titled CVE-2020-15999 in the desktop version of the Chrome web browser that affected Chrome’s FreeType font rendering library.
