1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Google Chrome users urged to update immediately or risk attack

    From TechnologyDaily@1337:1/100 to All on Mon Mar 28 14:30:04 2022
    Google Chrome users urged to update immediately or risk attack

    Date:
    Mon, 28 Mar 2022 13:15:10 +0000

    Description:
    A dangerous Google Chrome vulnerability is being exploited in the wild.

    FULL STORY ======================================================================

    Google has urged Chrome users to update the web browser to the latest version in order to avoid being targeted by cybercriminals.

    Late last week, the company released Chrome 99.0.4844.84 for Windows, Mac,
    and Linux, which fixes a high severity zero-day vulnerability that allows for remote code execution.

    What's more, the issue has already been abused in real-life scenarios.
    "Google is aware that an exploit for CVE-2022-1096 exists in the wild," the company announced. TechRadar needs you!

    We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a 100 Amazon gift card (or equivalent in USD). Thank you for taking part.

    Click here to start the survey in a new window << Google Chrome zero-day

    Tracked as CVE-2022-1096, the vulnerability is described as a confusion weakness in the Chrome V8 JavaScript engine.

    It allows an attacker to crash the browser, and could therefore be abused for a denial of service attack, as well as to execute arbitrary code, which could lead to malware and ransomware infections.

    Because the flaw is being abused in the wild, Google is deliberately withholding additional information until users are able to patch up their systems.

    "Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google said. "We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven't yet fixed."

    The fix is already out, but it could take weeks before it reaches each and every Chrome user. Anyone looking to check whether their client has updated automatically can do so via Chrome Menu > Help > About Google Chrome, which will reveal the version number. Read more

    Emergency Google Chrome update fixes nasty security bug

    Google Chrome 100 update may break your website - but there's a fix


    How to use profiles in Chrome to keep work and home separate

    This is the second zero-day found and patched in Chrome since the start of
    the year, following the discovery of CVE-2022-0609. Google describes the vulnerability as "use after free in animation", but has not gone into much detail about what this entails or how extreme the risk is.

    The company says the flaws are being abused in the wild, but declined to
    share any details as to how they are being abused, or by whom. It's difficult to say if malware was developed to abuse the flaw, and whether or not it will be picked up by antivirus solutions. Check out our list of the best proxies right now

    Via BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/google-chrome-users-urged-to-update-immediately -or-risk-attack/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)