请检测你的Chrome浏览器是否为最新版本

Google Chrome发布新的稳定版本 89.0.4389.90更新补丁CVE-2021-21193漏洞,请大家尽快升级。

你可以在浏览器中输入:chrome://settings/help

就可以直达版本更新的位置,我刚刚更新了它。


以下是来自卡巴斯基杀毒软件对该漏洞的解释,我担心翻译错误,还是贴上他们的原文吧!

It is a vulnerability in Google Chrome’s browser engine Blink — the main component responsible for converting HTML code into the well-designed Web pages you’re used to browsing.

It is a use-after-free vulnerability, which means Blink had trouble clearing memory. The typical consequences of attacks on use-after-free vulnerabilities are data corruption and arbitrary code execution, though no information is available about what actually happens in this particular case. Google usually shares more details after most users have updated their browsers.

An anonymous security researcher reported CVE-2021-211193 on March 9, and Google rushed out a fix in just three days. That rush might be attributable to the vulnerability’s real-world exploitation; crooks have already used the vulnerability, and that is reason enough for everybody to patch Google Chrome ASAP.

已邀请:

要回复问题请先登录注册