Serious Vulnerability to be Found in Chrome

As reported, experts suggest that attackers collect information for future attacks
01 March 2019   498

An unpatched vulnerability discovered in Chrome that is currently used by attackers to monitor users and collect some data from them. They send out PDF files, which are not malicious in nature. But if the victim opens it in the Chrome embedded PDF reader, data on the user's IP address, versions of the system and browser will flow to a third-party server.

Experts suggest that attackers collect information for future attacks.

Chrome developers promise to release a patch in late April. In the meantime, information security experts recommend either opening PDF files in desktop readers, or turning off the Internet while viewing them in a browser.

Node.js v12.0.0 to be Rolled Out

It has giant list of updates, improvements and changes
24 April 2019   507

The release of Node.js 12.0.0, a platform for executing network applications in JavaScript, is available. Node.js 12.0 refers to branches with a long period of support, but this status will be assigned only in October, after stabilization. Updates for LTS branches are issued for 3 years. Support for the last LTS branch of Node.js 10.0 will last until April 2021, and the year before last LTS-branch 8.0 until January 2020. Support for the intermediate branch Node.js 11.0 will be discontinued in June 2019. The lifetime of the LTS branch 6.0 will end on April 30.

These are some of the large list of updates and new staff:

  • V8 engine was updated to version 7.4 with support for asynchronous stack traces, increasing await performance, parsing JavaScript and calls when the actual and declared number of arguments does not match;
  • TLS 1.3 is now supported in the tls module and TLS 1.0 / 1.1 is shutdown by default;
  • Enhancing protection and checks on the size of allocated memory in the Buffer class;

Get more info at official website.