Google patches Several Chrome bugs that could be exploited by malicious extensions.


Google’s Chrome 92 update, which was published this week, fixes ten vulnerabilities, including three highseverity problems that resulted in tens of thousands of dollars in bug rewards for researchers.

CVE202130590 is a sandbox escape flaw that can be “exploited in conjunction with an extension or a corrupted renderer,” according to the researchers. The weakness can be used by an attacker to get remote code execution outside of Chrome’s sandbox.

Read More…