Google today released Chrome version 86.0.4240.198 to fix two 0days already in the Internet.
Those two errors mark the fourth and fifth 0days that Google has patched in Chrome in the last three weeks.
The difference this time is that the first three 0days were discovered internally by Google security researchers, these two new ones were detected by anonymous sources.
Details of where and how the new Chrome 0days have been used have not yet been published.
In accordance with changelog Chrome 86.0.4240.198, the two new vulnerabilities are:
CVE-2020-16013 - Described as "inappropriate V8 application", where V8 is the Chrome component that manages JavaScript code.
CVE-2020-16017 - Described as a "use after free" memory corruption error in Site Isolation, the Chrome component that isolates the data of each site from each other.
It is currently not known whether the two vulnerabilities have been used together, or individually. The first security gap was reported on Monday, while the second was reported on Wednesday.
So as you understand you should inform him immediately browser you.
