A second Chromium zero-day remote code execution exploit has been released on Twitter this week that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers.
A zero-day vulnerability is when detailed information about a vulnerability or an exploit is released before the affected software developers can fix it. These vulnerabilities pose a significant risk to users as they allow threat actors to begin using them before a fix is released.
Today, a security researcher known as frust dropped a PoC exploit on Twitter for a zero-day bug Chromium-based browser that causes the Windows Notepad application to open.
Read more…
Source: Bleeping Computer