Tuesday, August 24, 2021

Google sounds the alarm over nasty Chrome vulnerabilities

Google is urging users of its browser to update Google Chrome immediately after seven high-severity vulnerabilities have been discovered.

The vulnerabilities in question affect all desktop versions of the search giant's browser regardless of whether a user is running Windows, macOS or Linux on their systems.

In a new blog post, Google listed the vulnerabilities as well as their CVE tracking numbers though the company has provided few details over concerns that they could be exploited by cybercriminals. 

While links are provided in the post, the company explained that access to them will be restricted until the majority of Chrome users have updated their browsers, saying:

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

Few details for now

Of the seven vulnerabilities listed in Google's post, two are related to “Type Confusion in V8”, four are "use after free" flaws in Printing, Extensions API, WebRTC and ANGLE while one is a “Race in WebAudio”. However, until they've all been patched, Google likely won't provide additional information.

For those unfamiliar, V8 is the open source JavaScript engine that powers Chrome and WebRTC is a technology used to transfer audio and video data between browsers and mobile applications. ANGLE on the other hand is Google's open source, cross-platform graphics engine abstraction layer.

While we'll likely find out more once these security flaws have been patched, for now, Chrome users can head to the browser's settings menu, then to help and under the “About Google Chrome” section, they can see which version of the browser they're currently using. If your browser version is listed as 92.0.4515.159, then you're protected from any exploits leveraging these flaws. If not, Chrome's “About” section will likely tell you that you need to update and restart your browser.

As more and more of our work now takes place in a web browser, keeping Google Chrome up to date has never been more important when it comes to securing your personal data as well as your systems.

Via Bloomberg



from TechRadar - All the latest technology news https://ift.tt/38dbUjM

No comments:

Post a Comment

GitHub users targeted by dangerous new phishing threat

Researchers discover Golssue - a new tool for extracting GitHub user emails It is being sold for $700 on the dark web Such a high-preci...