All android users should update their google application

Prior to 86.0.4240.185, heap buffer overflow in Google Chrome UI on Android allowed a remote attacker who had breached the mechanism of the renderer to theoretically execute a sandbox escape with a designed HTML file.

Unpatched till Next week.

Tuesday, November 3, 2020, 8:38 GMT

As google chrome told:

We’ve just released Chrome 86 (86.0.4240.185) for Android: it’ll become available on Google Play over the next few weeks.

Security fixes in this release are listed in the corresponding Desktop Release. In addition, this Android release contains:

[$NA][1144368] High CVE-2020-16010: Heap buffer overflow in UI on Android.

Reported by Maddie Stone, Mark Brand, and Sergei Glazunov of Google Project Zero on 2020-10-31

Google is aware of reports that an exploit for CVE-2020-16010 exists in the wild.

This release also includes stability and performance improvements. You can see a full list of the changes in the Git log. If you find a new issue, please let us know by filing a bug.


Special Offer: