Google has patched a zero-day memory corruption bug in the FreeType font rendering library as part of the release of Chrome version 86.0.4240.111 for desktops. Google warned that the bug was being actively exploited in the wild.
- Project Zero researcher Ben Hawkes urged other users of Freetype to adopt Google's fix.
- Google patched three other high-severity bugs and one medium-severity bug in Chrome.
- Google has patched two other zero-day bugs in Chrome over the past 12 months: one in October last year and one in February this year.
A version of this story first appeared in Inside Security.