In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-19 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)05/31 Report--
Google Chrome 85 repair WebGL code execution vulnerabilities example analysis, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain in detail for you, people with this need can come to learn, I hope you can gain something.
Google fixes a post-release reuse vulnerability in the WebGL (Web Graphics Library) component of the Google Chrome web browser, which can be successfully exploited to allow an attacker to execute arbitrary code in the context of the browser's process.
WebGL is a JavaScript API that compatibility browsers use instead of plug-ins to render interactive 2D and 3D graphics.
Google Chrome 85.0.4149.0 has fixed this code execution vulnerability.
High-risk code execution vulnerability
Marcin Towalski, a senior research engineer at Cisco Talos, found that the code execution vulnerability was numbered CVE-2020-6492, and CVSS v3 scored 8.3.
The vulnerability triggers a crash when the WebGL component fails to properly handle objects in memory.
According to Cisco Talos's security bulletin, the vulnerability lies in ANGLE, a compatibility layer between OpenGL and Direct3D used by Chrome browsers and other projects on Windows.
By correctly tampering with the memory layout, the attacker can take full control of the post-release reuse vulnerability, resulting in the execution of arbitrary code in the context of the browser.
CVE-2020-6492 affected Google Chrome 81.0.4044.138 (Stable), 84.0.4136.5 (Dev) and 84.0.4143.7 (Canary).
Google Chrome security update
Earlier, Google Chrome stable Edition (Chrome 84 and Chrome 83) fixed 38 vulnerabilities each, including those rated as ultra-critical and high-risk.
Chrome 84 also optimizes protection against mixed content downloads and browser notification fraud while removing insecure TLS protocols (i.e. TLS1.0 and 1.1).
Chrome 83 provides users with a great deal of security and privacy protection, including a redesigned "Privacy and Security" setting area, a new security check function, a new enhanced security browsing function, better control of cookies, and optimized DoH settings.
Because of the unabated outbreak, Google did not release Chrome 82, but decided to skip it and save all changes until the next release.
Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.