ETV Bharat / technologyChromium-Based Browsers At Risk As Google Accidentally Publishes Exploit Code Before Security PatchGoogle Published Chromium Exploit Code Before Fixing The Bug ( Representationa Picture; Credit: Getty Image )Hyderabad: Google sparked a major security controversy this week after it accidentally published proof-of-concept exploit code for a serious vulnerability in the Chromium browser engine before releasing a patch.
Since the issue impacts nearly every major browser built on Chromium — including Google Chrome, Microsoft Edge, Brave, Opera, Arc, and others — it potentially exposed millions of users worldwide.
The bug was first disclosed to Google in late 2022 but remained unresolved for 29 months.
However, Google’s bug tracker unexpectedly released both the technical details and exploit code before issuing a patch.
Although the report was later removed, archived versions remain publicly accessible, drawing sharp criticism from security researchers.
ETV Bharat / technology
Chromium-Based Browsers At Risk As Google Accidentally Publishes Exploit Code Before Security Patch
Google Published Chromium Exploit Code Before Fixing The Bug ( Representationa Picture; Credit: Getty Image )
Hyderabad: Google sparked a major security controversy this week after it accidentally published proof-of-concept exploit code for a serious vulnerability in the Chromium browser engine before releasing a patch. Since the issue impacts nearly every major browser built on Chromium — including Google Chrome, Microsoft Edge, Brave, Opera, Arc, and others — it potentially exposed millions of users worldwide. The bug was first disclosed to Google in late 2022 but remained unresolved for 29 months. Typically, companies publish details of a vulnerability only after it has been fixed and an update has been rolled out to users. However, Google’s bug tracker unexpectedly released both the technical details and exploit code before issuing a patch. Although the report was later removed, archived versions remain publicly accessible, drawing sharp criticism from security researchers. The flaw affects the Browser Fetch API, a background downloading feature built into Chromium that allows websites and web applications to continue downloading large files even after a webpage has been closed. Malicious Connection - Potential Capabilities (ETV Bharat)
