Chrome browser update 79.0.3945.130, wanda gyara hudu rauni, daya daga cikin abin da aka sanya matsayi na m matsala, wanda ba ka damar ketare duk matakan da browser kariya da aiwatar da code a kan tsarin, a waje da sandbox yanayi. Cikakkun bayanai game da mummunan rauni (CVE-2020-6378) ya zuwa yanzu , Mu kawai mun san cewa yana faruwa ne ta hanyar samun dama ga tubalin ƙwaƙwalwar ajiya da aka rigaya a cikin ɓangaren tantance magana.
Sauran lahani guda uku ana yiwa alama masu haɗari. Hakanan rashin lahani na CVE-2020-6379 yana da alaƙa da samun dama ga toshewar ƙwaƙwalwar ajiya da aka riga aka saki (Amfani-bayan-kyauta) a cikin lambar tantance magana. CVE-2020-6380 yana faruwa ne ta hanyar kuskure wajen tabbatar da saƙonni daga add-ons. Wani canji yana da alaƙa da kariya daga a cikin Crypto API na dandalin Windows, wanda ke ba da izinin ƙirƙirar takaddun shaida na TLS na karya da sa hannun dijital na ƙirƙira (riga lambar don samar da takaddun shaida waɗanda aka tabbatar da amincin su ta Windows).
source: budenet.ru