Google Patches Fresh Magellan 2.0 SQLite Vulnerabilities in Chrome

The latest version of Google Chrome for desktop has patched the recently reported Magellan 2.0 vulnerabilities, but users on an older version of the browser are still vulnerable.

Advertisement
By Harpreet Singh | Updated: 24 December 2019 17:47 IST
Highlights
  • Five new SQLite-based vulnerabilities have impacted Google Chrome
  • Google patched them in the latest version of Chrome
  • Other apps that use SQLite are also affected
Google Patches Fresh Magellan 2.0 SQLite Vulnerabilities in Chrome

Google Chrome users should update their browser to the latest version

Last year around Christmas, Google Chrome was impacted by SQL vulnerabilities known as the Magellan SQLite vulnerabilities. The Tencent Blade security team highlighted the vulnerabilities in December last year that were patched right on time. This year, the same security team has disclosed fresh Magellan 2.0 vulnerabilities that impact Chrome, the search giant's popular Web browser. But there's very little you need to worry about unless you're running a really old version of Google Chrome.

Magellan 2.0 vulnerabilities have been patched by Google in the Chrome 79.0.3945.79 version. The new SQLite vulnerabilities can let a hacker run malicious code remotely on Google Chrome. Magellan 2.0 consists of five vulnerabilities in total, according to the Tencent Blade security team.

SQLite is popularly used across most operating systems and software products. The Tencent Blade security team claims both SQLite and Google have confirmed the vulnerabilities and fixed them. The security team claims it will disclose more details once other vendors fix the vulnerabilities.

A malicious user can use these vulnerabilities to perform an SQL operation with a specific code. On successfully executing the SQLite operation, the attacker can remotely execute code, leak program memory, and eventually end up causing program crashes.

Advertisement

Apps using SQLite database without the 13 December 2019 patch and Google Chrome prior to 7.0.3945.79 are affected by these vulnerabilities. The Tencent Blade security team claims it hasn't spotted any attacks in the wild yet and users don't really have to worry about anything right now.

The Chinese security company will release more details about the Magellan 2.0 vulnerabilities in the coming months. As of now, developers should update their apps with the latest SQLite version and Chrome users should also update their browser.

Advertisement

Earlier last month, Google had patched a zero-day vulnerability in Chrome. The exploit was reportedly leveraged to execute waterhole-style injection attacks. The vulnerability exploited Chrome 65 and later version.

 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Google Chrome, Web browser
Acer Launches E-Store to Boost Online Sales in India
India to Take Big 5G Leap in 2020 but Mass Adoption Far Away
Advertisement

Related Stories

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Vivo Y400 Pro 5G With 5,500mAh Battery Launched in India: Price, Features
  2. OTT Releases This Week: Ground Zero, Detective Sherdil, Found S2, and More
  3. Nothing Headphone 1 Renders Leaked Ahead of July 1 Launch: See Design
  4. Oppo Reno 14 5G Series Global Launch Scheduled for This Date
  5. Samsung Galaxy M36 5G India Launch Date and Key Features Revealed
  6. Adobe Launches a New Camera App for iPhone With Full Manual Controls
  7. 16 Billion Login Credentials Have Been Leaked in Massive Data Breach
  8. Nothing Phone 3 to Get New Glyph Matrix Interface on the Rear Panel
  9. Vivo X Fold 5 India Launch Timeline Tipped: All Details
  10. Oppo Find X9 Pro Leak Suggests Potential Camera Specifications
#Latest Stories
  1. Oppo Reno 14 5G Series Global Launch Date Announced; Amazon, Flipkart Tease Online Availability in India
  2. Gigabyte Aorus Master 16 AI PC With Intel Core Ultra 9 Chip, Up to GeForce RTX 5080 GPU Launched in India
  3. Google Suffers Setback in Fight Over EU’s EUR 4.1 Billion Fine
  4. Vivo X Fold 5 India Launch Reportedly Set for Mid-July
  5. Trump Extends Deadline for US TikTok Sale to September
  6. Nothing Headphone 1 Renders and Live Images Leak Ahead of July 1 Launch; Shows Unique Design
  7. BBC Said to Have Threatened Legal Action Against AI Start-up Perplexity Over Content Scraping
  8. Adobe Launches Project Indigo, a Camera App for iPhone With Full Manual Controls
  9. Oppo Find X9 Pro Camera Details Leaked; Said to Feature Samsung ISOCELL HP5 Sensor
  10. Nintendo Switch 2 Third-Party Game Sales Reportedly 'Very Low' Despite Console's Record Launch
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.