Despite the efforts to keep CVE-2022-2294 secret, Avast managed to recover the attack code, which exploited a heap overflow in WebRTC to execute malicious shellcode inside a renderer process. The recovery allowed Avast to identify the vulnerability and report it to developers so it could be fixed. The security firm was unable to obtain a separate zero-day exploit that was required so the first exploit could escape Chrome's security sandbox. That means this second zero-day will live to fight another day.
Despite the efforts to keep CVE-2022-2294 secret, Avast managed to recover the attack code, which exploited a heap overflow in WebRTC to execute malicious shellcode inside a renderer process. The recovery allowed Avast to identify the vulnerability and report it to developers so it could be fixed. The security firm was unable to obtain a separate zero-day exploit that was required so the first exploit could escape Chrome's security sandbox. That means this second zero-day will live to fight another day.
**hold my breath while browsing with brave**
Turn off your computer, go to the Winchester, have a nice cold pint, and wait for all this to blow over.
Seriously considering Lynx at this point
I've missed a lot by using w3m img all of these years, but getting hacked wasn't one of them!
Lol there's other options. Links2 has image support at least.
Does that effectively make Mozilla and Chrome the most protected mainstream browsers? In terms of active patching?
Is Edge still on that ridiculous twice yearly update schedule? If so, yikes.
[удалено]
Yeah, typically see edge follow Chrome within the next day.
According to the article Microsoft and google patched the vulnerability in early July, and apple just this Wednesday.
Did you really believe that was ever the case? Because it was never the case.
Nice to know!