The new vulnerability is being categorised as a “zero-day” flaw because the software developers had “zero days” to fix it. The Tom’s Guide report also said that the proof-of-concept hack works in a fully patches version of Microsoft Edge. It also said that other Chromium-based browsers like Brace, Opera, and Vivaldi are also at risk. As with previous “zero-day” flaws, this one also comes with a condition – the targeted browser has to have its sandboxing turned off. Sandboxing is a process that prevents malicious processes in a browser from escaping into the surrounding operating system. “Escaping” a sandbox is considered as an achievement in hacking. The newly-found exploit isn’t able to escape the Sandbox.
So, what can users do to protect themselves and their machines from the zero-day flaw? Currently, there isn’t much to do about this flaw, except using Firefox or Safari instead. However, it is unlikely that malicious hackers will be using this flaw to attach Chrome or Edge in the short term. Google had fixed the previous zero-day flaw in six days, hence, it can be expected that the company will do something about this in a similar time-frame.