Exodus Intelligence researcher István Kurucsai has reported another case of patch gapping in Google Chrome.
A ‘patch gap’ can be best explained as a time slot between the fix of security vulnerability and its availability to the users. This time slot can be of advantage to hackers as they closely monitor the security patches and unleash an attack before the patch is made public.
One of the main issues with patch gaps is that sometimes these critical fixes take months and in the meantime cause panic in the cybersecurity world.
More about Chrome’s patch gap
Patch gaps are a recurring process and most of them aren’t potentially dangerous, but the current patch gap in chrome has several vulnerabilities those open doors for hackers. It was found that the V8 bug, whose fix caused a patch gap, is a potential threat.
Although the patch for this bug was made available in August, it was only scheduled to release with Chrome 77 in September. This means that the hackers had enough time to develop an exploit and utilize the patch gap.
What a user can do