{"id":48035,"date":"2026-06-16T10:32:23","date_gmt":"2026-06-16T03:32:23","guid":{"rendered":"https:\/\/antoanthongtinhaiphong.gov.vn\/?p=48035"},"modified":"2026-06-18T10:33:05","modified_gmt":"2026-06-18T03:33:05","slug":"google-khan-cap-va-28-lo-hong-chrome-nhieu-loi-co-the-dan-den-chiem-quyen-he-thong","status":"publish","type":"post","link":"https:\/\/antoanthongtinhaiphong.gov.vn\/google-khan-cap-va-28-lo-hong-chrome-nhieu-loi-co-the-dan-den-chiem-quyen-he-thong\/","title":{"rendered":"Google kh\u1ea9n c\u1ea5p v\u00e1 28 l\u1ed7 h\u1ed5ng Chrome, nhi\u1ec1u l\u1ed7i c\u00f3 th\u1ec3 d\u1eabn \u0111\u1ebfn chi\u1ebfm quy\u1ec1n h\u1ec7 th\u1ed1ng"},"content":{"rendered":"<div><b>Google v\u1eeba ph\u00e1t h\u00e0nh b\u1ea3n c\u1eadp nh\u1eadt b\u1ea3o m\u1eadt m\u1edbi cho tr\u00ecnh duy\u1ec7t Chrome, kh\u1eafc ph\u1ee5c t\u1ed5ng c\u1ed9ng 28 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt, trong \u0111\u00f3 c\u00f3 nhi\u1ec1u l\u1ed7i nghi\u00eam tr\u1ecdng c\u00f3 th\u1ec3 b\u1ecb l\u1ee3i d\u1ee5ng \u0111\u1ec3 th\u1ef1c thi m\u00e3 t\u00f9y \u00fd tr\u00ean thi\u1ebft b\u1ecb c\u1ee7a n\u1ea1n nh\u00e2n. \u0110\u1ee3t c\u1eadp nh\u1eadt l\u1ea7n n\u00e0y t\u1eadp trung x\u1eed l\u00fd h\u00e0ng lo\u1ea1t l\u1ed7i h\u1ecfng b\u1ed9 nh\u1edb trong c\u00e1c th\u00e0nh ph\u1ea7n c\u1ed1t l\u00f5i c\u1ee7a tr\u00ecnh duy\u1ec7t, v\u1ed1n l\u00e0 m\u1ee5c ti\u00eau \u0111\u01b0\u1ee3c tin t\u1eb7c \u0111\u1eb7c bi\u1ec7t \u01b0a chu\u1ed9ng trong c\u00e1c chi\u1ebfn d\u1ecbch t\u1ea5n c\u00f4ng hi\u1ec7n nay.<\/b><br \/>\n\u200b<\/div>\n<div>\n<div class=\"bbImageWrapper  js-lbImage\" title=\"chrome update 1.png\" data-src=\"https:\/\/whitehat.vn\/attachments\/chrome-update-1-png.19157\/\" data-lb-sidebar-href=\"\" data-lb-caption-extra-html=\"\" data-single-image=\"1\"><img loading=\"lazy\" decoding=\"async\" class=\"bbImage\" title=\"chrome update 1.png\" src=\"https:\/\/whitehat.vn\/attachments\/chrome-update-1-png.19157\/\" alt=\"chrome update 1.png\" width=\"700\" height=\"390\" data-url=\"\" data-zoom-target=\"1\" \/><\/div>\n<p>\u200b<\/p><\/div>\n<div>\nB\u1ea3n c\u1eadp nh\u1eadt Stable Channel n\u00e2ng Chrome l\u00ean phi\u00ean b\u1ea3n 149.0.7827.114\/.115 tr\u00ean Windows v\u00e0 macOS, \u0111\u1ed3ng th\u1eddi l\u00ean phi\u00ean b\u1ea3n 149.0.7827.114 tr\u00ean Linux. Google cho bi\u1ebft qu\u00e1 tr\u00ecnh tri\u1ec3n khai \u0111ang \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n theo t\u1eebng giai \u0111o\u1ea1n v\u00e0 s\u1ebd \u0111\u1ebfn tay to\u00e0n b\u1ed9 ng\u01b0\u1eddi d\u00f9ng trong nh\u1eefng ng\u00e0y t\u1edbi.<\/p>\n<p>\u0110\u00e1ng ch\u00fa \u00fd nh\u1ea5t trong \u0111\u1ee3t v\u00e1 l\u1ea7n n\u00e0y l\u00e0 ba l\u1ed7 h\u1ed5ng use-after-free \u0111\u01b0\u1ee3c ghi nh\u1eadn trong c\u00e1c th\u00e0nh ph\u1ea7n Core, DigitalCredentials v\u00e0 WebMIDI, \u0111\u01b0\u1ee3c theo d\u00f5i v\u1edbi c\u00e1c m\u00e3 CVE-2026-12007, CVE-2026-12008 v\u00e0 CVE-2026-12011. \u0110\u00e2y l\u00e0 d\u1ea1ng l\u1ed7i x\u1ea3y ra khi ch\u01b0\u01a1ng tr\u00ecnh ti\u1ebfp t\u1ee5c truy c\u1eadp v\u00e0o v\u00f9ng nh\u1edb \u0111\u00e3 \u0111\u01b0\u1ee3c gi\u1ea3i ph\u00f3ng, t\u1ea1o \u0111i\u1ec1u ki\u1ec7n cho k\u1ebb t\u1ea5n c\u00f4ng thao t\u00fang d\u1eef li\u1ec7u v\u00e0 can thi\u1ec7p v\u00e0o lu\u1ed3ng th\u1ef1c thi c\u1ee7a \u1ee9ng d\u1ee5ng.<\/p>\n<p>Google c\u0169ng kh\u1eafc ph\u1ee5c CVE-2026-12010, m\u1ed9t l\u1ed7 h\u1ed5ng heap buffer overflow trong th\u00e0nh ph\u1ea7n GPU, c\u00f9ng CVE-2026-12009 li\u00ean quan \u0111\u1ebfn vi\u1ec7c x\u00e1c th\u1ef1c d\u1eef li\u1ec7u \u0111\u1ea7u v\u00e0o kh\u00f4ng \u0111\u1ea7y \u0111\u1ee7 trong th\u00e0nh ph\u1ea7n Accessibility. N\u1ebfu b\u1ecb khai th\u00e1c th\u00e0nh c\u00f4ng, c\u00e1c l\u1ed7 h\u1ed5ng n\u00e0y c\u00f3 th\u1ec3 cho ph\u00e9p tin t\u1eb7c th\u1ef1c thi m\u00e3 \u0111\u1ed9c tr\u00ean h\u1ec7 th\u1ed1ng th\u00f4ng qua nh\u1eefng trang web \u0111\u01b0\u1ee3c t\u1ea1o \u0111\u1eb7c bi\u1ec7t, t\u1eeb \u0111\u00f3 d\u1eabn t\u1edbi nguy c\u01a1 chi\u1ebfm quy\u1ec1n ki\u1ec3m so\u00e1t thi\u1ebft b\u1ecb.<\/p>\n<p>B\u00ean c\u1ea1nh c\u00e1c l\u1ed7 h\u1ed5ng nghi\u00eam tr\u1ecdng, b\u1ea3n c\u1eadp nh\u1eadt c\u00f2n kh\u1eafc ph\u1ee5c nhi\u1ec1u l\u1ed7 h\u1ed5ng m\u1ee9c \u0111\u1ed9 cao trong c\u00e1c th\u00e0nh ph\u1ea7n Network, Media, Autofill, GPU, Video, VideoCapture v\u00e0 Views. Ph\u1ea7n l\u1edbn trong s\u1ed1 n\u00e0y l\u00e0 c\u00e1c l\u1ed7 h\u1ed5ng use-after-free, \u0111\u1ecdc ho\u1eb7c ghi d\u1eef li\u1ec7u ngo\u00e0i ph\u1ea1m vi b\u1ed9 nh\u1edb \u0111\u01b0\u1ee3c c\u1ea5p ph\u00e1t v\u00e0 c\u00e1c l\u1ed7 h\u1ed5ng tr\u00e0n b\u1ed9 \u0111\u1ec7m. \u0110\u00e2y \u0111\u1ec1u l\u00e0 nh\u1eefng d\u1ea1ng l\u1ed7 h\u1ed5ng th\u01b0\u1eddng xuy\u00ean xu\u1ea5t hi\u1ec7n trong c\u00e1c chu\u1ed7i khai th\u00e1c tr\u00ecnh duy\u1ec7t hi\u1ec7n \u0111\u1ea1i do kh\u1ea3 n\u0103ng d\u1eabn t\u1edbi h\u1ecfng b\u1ed9 nh\u1edb v\u00e0 th\u1ef1c thi m\u00e3 t\u00f9y \u00fd.<\/p>\n<p>Google c\u0169ng kh\u1eafc ph\u1ee5c nhi\u1ec1u l\u1ed7 h\u1ed5ng li\u00ean quan \u0111\u1ebfn vi\u1ec7c x\u00e1c th\u1ef1c d\u1eef li\u1ec7u \u0111\u1ea7u v\u00e0o kh\u00f4ng \u0111\u1ea7y \u0111\u1ee7 trong DevTools, Extensions, Network v\u00e0 Linux Toolkit Theming. Ngo\u00e0i ra, h\u00e3ng c\u00f2n x\u1eed l\u00fd c\u00e1c l\u1ed7 h\u1ed5ng th\u1ef1c thi ch\u00ednh s\u00e1ch kh\u00f4ng \u0111\u00fang trong DevTools v\u00e0 ch\u1ebf \u0111\u1ed9 Headless, c\u00f9ng m\u1ed9t l\u1ed7 h\u1ed5ng tranh ch\u1ea5p \u0111i\u1ec1u ki\u1ec7n trong c\u01a1 ch\u1ebf Safe Browsing c\u00f3 th\u1ec3 \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn kh\u1ea3 n\u0103ng b\u1ea3o v\u1ec7 ng\u01b0\u1eddi d\u00f9ng tr\u01b0\u1edbc c\u00e1c trang web \u0111\u1ed9c h\u1ea1i.<\/p>\n<p>M\u1eb7c d\u00f9 hi\u1ec7n ch\u01b0a ghi nh\u1eadn d\u1ea5u hi\u1ec7u c\u00e1c l\u1ed7 h\u1ed5ng n\u00e0y \u0111ang b\u1ecb khai th\u00e1c ngo\u00e0i th\u1ef1c t\u1ebf, s\u1ef1 xu\u1ea5t hi\u1ec7n \u0111\u1ed3ng th\u1eddi c\u1ee7a nhi\u1ec1u l\u1ed7i li\u00ean quan \u0111\u1ebfn qu\u1ea3n l\u00fd b\u1ed9 nh\u1edb l\u00e0m gia t\u0103ng \u0111\u00e1ng k\u1ec3 nguy c\u01a1 xu\u1ea5t hi\u1ec7n m\u00e3 khai th\u00e1c trong th\u1eddi gian t\u1edbi. Trong nhi\u1ec1u n\u0103m qua, c\u00e1c l\u1ed7 h\u1ed5ng h\u1ecfng b\u1ed9 nh\u1edb v\u1eabn l\u00e0 m\u1ed9t trong nh\u1eefng con \u0111\u01b0\u1eddng ph\u1ed5 bi\u1ebfn nh\u1ea5t \u0111\u1ec3 tin t\u1eb7c v\u01b0\u1ee3t qua c\u01a1 ch\u1ebf b\u1ea3o v\u1ec7 c\u1ee7a tr\u00ecnh duy\u1ec7t v\u00e0 gi\u00e0nh quy\u1ec1n th\u1ef1c thi m\u00e3 tr\u00ean thi\u1ebft b\u1ecb m\u1ee5c ti\u00eau. \u0110\u1ec3 h\u1ea1n ch\u1ebf nguy c\u01a1 b\u1ecb l\u1ee3i d\u1ee5ng, Google cho bi\u1ebft s\u1ebd ti\u1ebfp t\u1ee5c gi\u1edbi h\u1ea1n vi\u1ec7c c\u00f4ng b\u1ed1 th\u00f4ng tin k\u1ef9 thu\u1eadt chi ti\u1ebft cho \u0111\u1ebfn khi ph\u1ea7n l\u1edbn ng\u01b0\u1eddi d\u00f9ng ho\u00e0n t\u1ea5t c\u1eadp nh\u1eadt. H\u00e3ng c\u0169ng ghi nh\u1eadn \u0111\u00f3ng g\u00f3p t\u1eeb c\u00e1c nh\u00e0 nghi\u00ean c\u1ee9u b\u1ea3o m\u1eadt b\u00ean ngo\u00e0i c\u00f9ng c\u00e1c nh\u00f3m b\u1ea3o m\u1eadt n\u1ed9i b\u1ed9 trong qu\u00e1 tr\u00ecnh ph\u00e1t hi\u1ec7n v\u00e0 kh\u1eafc ph\u1ee5c c\u00e1c l\u1ed7 h\u1ed5ng.<\/p>\n<p>Theo Google, nhi\u1ec1u c\u00f4ng c\u1ee5 ki\u1ec3m th\u1eed b\u1ea3o m\u1eadt nh\u01b0 AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer v\u00e0 AFL ti\u1ebfp t\u1ee5c \u0111\u00f3ng vai tr\u00f2 quan tr\u1ecdng trong vi\u1ec7c ph\u00e1t hi\u1ec7n c\u00e1c l\u1ed7i h\u1ecfng b\u1ed9 nh\u1edb v\u00e0 c\u00e1c v\u1ea5n \u0111\u1ec1 b\u1ea3o m\u1eadt ngay t\u1eeb giai \u0111o\u1ea1n ph\u00e1t tri\u1ec3n ph\u1ea7n m\u1ec1m. C\u00e1c chuy\u00ean gia khuy\u1ebfn ngh\u1ecb ng\u01b0\u1eddi d\u00f9ng v\u00e0 t\u1ed5 ch\u1ee9c nhanh ch\u00f3ng c\u1eadp nh\u1eadt Chrome l\u00ean phi\u00ean b\u1ea3n m\u1edbi nh\u1ea5t \u0111\u1ec3 gi\u1ea3m thi\u1ec3u nguy c\u01a1 b\u1ecb t\u1ea5n c\u00f4ng. V\u1edbi vi\u1ec7c tr\u00ecnh duy\u1ec7t web v\u1eabn l\u00e0 m\u1ed9t trong nh\u1eefng m\u1ee5c ti\u00eau ph\u1ed5 bi\u1ebfn nh\u1ea5t c\u1ee7a t\u1ed9i ph\u1ea1m m\u1ea1ng, vi\u1ec7c ch\u1eadm tri\u1ec3n khai b\u1ea3n v\u00e1 c\u00f3 th\u1ec3 t\u1ea1o c\u01a1 h\u1ed9i cho c\u00e1c t\u00e1c nh\u00e2n \u0111e d\u1ecda nghi\u00ean c\u1ee9u v\u00e0 ph\u00e1t tri\u1ec3n m\u00e3 khai th\u00e1c d\u1ef1a tr\u00ean nh\u1eefng l\u1ed7 h\u1ed5ng v\u1eeba \u0111\u01b0\u1ee3c c\u00f4ng b\u1ed1.\u200b<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Google v\u1eeba ph\u00e1t h\u00e0nh b\u1ea3n c\u1eadp nh\u1eadt b\u1ea3o m\u1eadt m\u1edbi cho tr\u00ecnh duy\u1ec7t Chrome, kh\u1eafc ph\u1ee5c t\u1ed5ng c\u1ed9ng 28 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt, trong \u0111\u00f3 c\u00f3 nhi\u1ec1u l\u1ed7i nghi\u00eam tr\u1ecdng c\u00f3 th\u1ec3 b\u1ecb l\u1ee3i d\u1ee5ng \u0111\u1ec3 th\u1ef1c thi m\u00e3 t\u00f9y \u00fd tr\u00ean thi\u1ebft b\u1ecb c\u1ee7a n\u1ea1n nh\u00e2n. \u0110\u1ee3t c\u1eadp nh\u1eadt l\u1ea7n n\u00e0y t\u1eadp trung x\u1eed [&hellip;]<\/p>\n","protected":false},"author":20,"featured_media":48036,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[3,24,35],"tags":[],"class_list":["post-48035","post","type-post","status-publish","format-standard","has-post-thumbnail","category-canh-bao-khuyen-nghi","category-tin-noi-bat","category-tin-tuc-su-kien"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/48035","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/comments?post=48035"}],"version-history":[{"count":2,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/48035\/revisions"}],"predecessor-version":[{"id":48038,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/48035\/revisions\/48038"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media\/48036"}],"wp:attachment":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media?parent=48035"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/categories?post=48035"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/tags?post=48035"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}