Earlier this week, Google detailed a Chrome zero-day exploit after releasing patches for the Mac, Windows, Linux, and Android browsers, as well as Chrome OS. Today, the company is officially disclosing it, along with another zero-day that it discovered.
Image: krebsonsecurity.com
The Verge spotted a controversial post on Google’s Online Security Blog in which the company says it will now publish security vulnerabilities discovered by its security researchers after just seven days rather than the existing sixty.
The policy affects what Google terms “critical vulnerabilities under active exploitation” – in other words, weaknesses that can do Bad Stuff to users and which are already being used by attackers …
Expand
Expanding
Close
