Google Chrome Gets Second Security Patch for Critical Zero-Day Bug in Two Weeks

Google said it was aware of reports that an exploit of the zero-day vulnerability exists in the wild.

Advertisement
By Veer Arjun Singh | Updated: 3 November 2020 17:22 IST
Highlights
  • Second security patch for Google Chrome released in two weeks
  • The patch version 86.0.4240.183 is for Windows, Mac, and Linux systems
  • Google says the update will be rolling out over the next few days/weeks

Google confirmed the exploitation of the zero-day flaw was unrelated to US elections

Google has started rolling out a new security update for its Chrome browser on desktops. The new patch includes fixes to a total of 10 bugs in the browser, including a zero-day vulnerability — the second to have been noticed by Google's Threat Analysis Group (TAG) that tracks threat actors in the last two weeks. As always, Google says that details of the bug and links won't be revealed till a majority of Chrome users have installed the update and the vulnerabilities are also fixed in any related third-party library. A zero-day vulnerability refers to a recently discovered software security flaw that could have been already exploited by hackers.

The Google Chrome security patch version 86.0.4240.183 is being released for systems running on Windows, Mac, and Linux. Google in a blog published on the Chrome update on November 2 said that it was aware of reports that an exploit of the particular zero-day vulnerability identified as CVE-2020-16009 exists in the wild. The changelog of the update only has a passing mention that the zero-day bug was in V8 — an open-source JavaScript engine designed for Google Chrome and is also used by other Chromium browsers, such as Microsoft Edge and Opera.

The zero-day issue that the latest patch fixes is the second to be spotted in the last two weeks and the fourth in the last 12 months. Google had last released a security patch on October 20 to fix CVE-2020-15999 — an actively exploited memory corruption bug in the FreeType font rendering library within Chrome. A few days after releasing a security patch to fix it, Google on October 30 revealed that the zero-day CVE-2020-15999 was being exploited in conjunction with a windows zero-day vulnerability identified as CVE-2020-17087. While the malicious code was being executed inside Google Chrome, the Windows zero-day was increasing the code's privileges to attack the Windows OS. Ben Hawkes, the technical lead of Google's Project Zero, an elite team of bug hunters, has said that Microsoft is expected to issue a security patch to fix their security flaw on November 10.

Advertisement

While Google's TAG did not reveal if the two bugs were being exploited by the same threat actors, it confirmed that the motive of the attackers was unrelated to the US presidential elections.

Is Mi Notebook 14 series the best affordable laptop range for India? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.

 
Post your comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Google Chrome, zero-day, Google Chrome security patch, Windows zero-day
Spotify Will Let Artists, Labels, Choose Which Songs to Promote in Radio, Autoplay
Advertisement

Related Stories

CERT-In Warns Chrome, Edge Users of ‘High’ Risk Vulnerabilities on Windows, macOS, and Linux
8 December 2025
Google Chrome for Android Could Soon Let You Share Your Approximate Location With Websites
25 November 2025
Adobe Photoshop Chrome Extension Launched, Users Get One Year of Free Photoshop Web Access
25 November 2025
CERT-In Warns Google Chrome Users of ‘High Risk’ Vulnerabilities on Windows, macOS, and Linux
21 November 2025
How to Clear DNS Cache in Google Chrome: A Step-by-Step Guide for Android, iOS, and Desktop
18 November 2025
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Starlink Will Offer Unlimited Satellite Internet in India at This Price
  2. Jolla Phone Launched With 5,500mAh Replaceable Battery, Sailfish OS 5
  3. OnePlus 15R Roundup: Price in India, Specs and Everything We Know So Far
  4. Motorola Edge 70 With 5.99mm Slim Profile Will Launch in India on This Date
  5. Realme Narzo 90 Series 5G India Launch Announced
  6. Infinix Note 60, Note 60 Edge, Note 60 Pro Reportedly Spotted on SDPPI Website
  7. 'High' Risk Vulnerabilities Discovered in Google Chrome and Edge Browsers
  8. Gemini 3 Deep Think Model Is Now Available to These Users
  9. Sierra First Impressions: Tata's Icon Returns in Style
  10. Oppo Find X9 Is Now Available in India in This Colour Option
#Latest Stories
  1. Elon Musk Says Grok 4.20 AI Model Could Be Released in a Month
  2. Xiaomi 17 Global Variant Listed on Geekbench, Tipped to Launch in India by February 2026
  3. James Gunn's Superman to Release on JioHotstar on December 11: What You Need to Know
  4. The Boys Season 5 OTT Release Date: When and Where to Watch the Final Season Online?
  5. The Strangers Chapter 2 Now Available on Rent on Amazon Prime Video, Apple TV, and More
  6. Meta Acquires AI Wearables Startup Limitless, Could Expand Its Hardware Offerings
  7. Airtel Reportedly Partners With Google to Launch RCS Messaging for Users in India
  8. Jolla Phone Launched With 5,500mAh Replaceable Battery, Linux-Based Sailfish OS 5: Price, Availability, Features
  9. CERT-In Warns Chrome, Edge Users of ‘High’ Risk Vulnerabilities on Windows, macOS, and Linux
  10. Coinbase Reopens Registrations in India, Plans Fiat On-Ramp in 2026
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.