Google Chrome browser hit by multiple bugs (again!)
Google is having a hard time keeping Chrome - its highly popular internet browser - free from bugs. Just a few days back, the program was marred by a flaw wiping data from third-party Android apps. And now, in another case, security researchers and users have reported more, potentially scary, issues. Here's all you need to know about them.
Magellan 2.0 vulnerabilities in Chrome
First, cybersecurity researchers from China's Tencent Blade Team reported the discovery of Magellan 2.0 - a series of SQLite vulnerabilities that could allow any threat actor to run malicious code on Chrome, remotely. They claimed that the issue affects all programs using the SQLite database, but Chrome is most vulnerable as it uses the 'WebSQL API,' which exposes users to remote attacks by default.
The issue can crash the browser, if exploited
The Tencent Blade team emphasized that the issue, if exploited, could result in the leakage of Chrome memory or/and unexpected crashes of the app. They claimed that there is no evidence of an exploit of these vulnerabilities but denied sharing more details about the issue as that could risk a number of people using Chrome around the world.
Then, there is the issue of profile changes in Chrome
In addition to the SQLite issues, Chrome also appears to have been marred by a bug that is making changes to secondary profiles of users. People often create profiles to have multiple iterations of Chrome and keep their work and personal browsing details separate. However, in this case, the browser is changing the personalized names of these profiles to 'Person 1'.
No data is being compromised
That said, it is also imperative to note that the profile bug of Chrome only changes the name of the secondary profile. Everything else, including data (history/bookmarks), remains untouched on it.
How to fix these issues?
Google has not said anything about the profile issue but is expected to fix it with future releases. As for Magellan 2.0 flaws, the Tencent Blade Team says that the bug has been acknowledged by the internet giant and a fix has been packed with the latest stable release - Chrome 79 (v79.0.3945.79). So, to stay safe, update Chrome right now!
