Google Chrome update needed to avoid nasty security hole – –

0
25
Google Chrome update needed to avoid nasty security hole – –


Google has released an update to its Chrome browser for Windows and Mac users, and the internet giant strongly recommends that users apply the update as soon as possible. The update contains 14 security fixes – including a zero-day security vulnerability – which, if left unchecked, would leave the system vulnerable to attack. Google has rated these fixes as Critical, High, and Medium.

Windows and Mac users who are also surfing the internet with the Chrome browser will want to make sure they are on version 91.0.4472.101. To make sure you’re on the latest version of Chrome, launch your browser, then click on the three vertically stacked dots at the top right. Move towards Settings, then click About Chrome. From there, you’ll be able to view Chrome’s version number and update the browser if it hasn’t been updated automatically in the background.

If you don’t update your browser immediately, Google should release the update to users in the coming days or weeks, the company said on its blog.

One of the listed security vulnerabilities – CVE-2021-30551 – is related to a flaw in Windows 10 that Microsoft recently fixed with its latest operating system update.

“The Chrome in-the-wild CVE-2021-30551 vulnerability patched today was also from the same actor and targeting,” Shane Huntley, Google’s chief software engineer, wrote on Twitter. Publish, referring to the fact that attackers who exploited this vulnerability also took advantage of the vulnerability of CVE-2021-33742. In its release note for the latest Chrome update, Google described vulnerability CVE-2021-30551 as “type confusion in V8,” which was reported by Clement Lecigne of the Google Threat Analysis group. and Sergei Glazunov of Google Project Zero.

The vulnerability was initially discovered on June 4, Google said, noting that the company “is aware that an exploit for CVE-2021-30551 exists in the wild.” Chrome relies on the JavaScript-based V8 rendering engine for its browser, and rendering is also common for competing Chromium-based browsers, including Microsoft Edge.

Even if you’re not on Google Chrome, you’ll want to make sure you’re running the latest version from your browser of choice. Most browsers that use Chromium for rendering also display the Chromium version number, and users should diligently check to see if a fix is ​​available for their browser of choice. If you’re using Microsoft Edge, for example, you’ll want to launch your browser and access the About page. There you will find the browser version number as well as an option to update to the latest version if you are not on the most recent version. Similar procedures can be followed for Opera, Brave and others based on Chromium.

According to Bleeping Computer, this is the sixth zero-day exploit for Chrome in 2021.

Editor’s recommendations



LEAVE A REPLY

Please enter your comment!
Please enter your name here