![]() ![]() Our TakeĪs a short-term solution, Chrome version 84 will be released on July 14, 2020, which attempts to mitigate the risk by controlling abusive permission requests and browser notifications from malicious websites that attempt to exploit the memory bug. ![]() As Samsung Internet on the Android mobile operating system is Chromium-based, it is possible that it may also be affected by this bug. This identified flaw affects all Chromium-based browsers, including Opera, Brave, and Microsoft Edge. (Source: “ Memory safety.” The Chromium Projects. Google explains that over 70% of its high-severity security bugs are attributed to this fault, represented by “other memory unsafety” and “use after free” in the chart below: Most programs have a “garbage collection” function that cleans up memory after use. The previous paragraph explains that neither C nor C++ have mechanisms to warn programmers of these types of memory management errors. However, the release of the memory addresses does not purge the content of that memory, making the content available for malicious programs to access. Once the memory is no longer needed, the program can release the memory back to the operating system. This implicates that both C and C++ provide programmers with a means of allocating RAM memory to carry out functions. These early coding errors result in memory management vulnerabilities being introduced in applications.” (“ Google Just Gave Millions Of Users A Reason To Quit Chrome.” Forbes.) Google explains that the issue is inherent in the programming languages C and C++, of which neither “…come with restrictions or warnings to prevent or alert developers when they're making basic memory management errors. This was first published on Google’s Chromium Project website. This flaw introduces a potential vulnerability that effects Google Chrome, as well as all Chromium-based web browsers.Įngineers identified an issue in its Chrome web browser that may permit poorly written code to allow access to data stored in active (RAM) memory. Google has identified “unsafe” code in the Chromium web browser engine.
0 Comments
Leave a Reply. |