Updated on 2022-12-05: Chrome zero-day
Overview: Google Updates Chrome to Fix Another Zero-Day
- Two things to think about when reading this. #1: Adobe Reader (that one probably stings). #2: Our web browsers are designed to download and compile/run code from 3rd parties. These are very complicated systems; add to that, we are now seeing more and more bugs due to how much research is being built up; expect more. This is one of the reasons Mozilla started to invest heavily in developing rust, as they also faced the same issues.
- While nine zero-day vulnerabilities in a year is a lot, I suspect most can be attributed to Google’s internal threat analysis group. The really good news is that Google greatly simplified the patch management process for Chrome, now mirrored by all major browser vendors. It’s as simple as closing and reopening the browser
Read more in