Tech News

Google has an emergency update for Chrome

The multinational Google released another emergency update for Chrome, after having detected a new vulnerability in the system. It is the second failure, with its respective solution, which is released in just over a week.

[article_mb_code]

On March 25, Google published an update after identifying a problem in the version of Chrome that could be used by hackers, the company warned at the time.

From the company they explained in their blog that the update for Windows, Mac and Linux was already available with the numbering 99.0.4844.84.

[article_mb_code]

The threat was considered “high” (the second most serious category only behind critical), “until most users update” to prevent the dissemination of sensitive information without giving the average user the opportunity to be protected.

This vulnerability received the nomenclature CVE-2022-1096 and it was an anonymous user who reported it on March 23. The company confirmed that an exploit of this flaw had been seen, which means that the attacks were already being carried out.

[article_mb_code]

Now a new emergency update has arrived. Although in this case, the point in favor is that, for now, there is no confirmation that the attackers are already exploiting the identified cybersecurity hole.

The emergency update arrives with version 100.0.4896.75. In an announcement published on April 4Google confirms that the security patch will be implemented for Windows, Mac and Linux users of Chrome in the coming days and weeks.

The vulnerability is listed as CVE-2022-1232 and it’s high gravity. The company has not yet given technical details about this failure. As usual, it will do so when most Chrome users have been able to update the system. This is a precautionary measure that is usually implemented in these contexts.

[article_mb_code]

According to the Center for Internet Safety (Center for Internet Security), this security hole could allow the arbitrary code execution. This refers to an attacker’s ability to execute commands or inject malicious code into an application.

“Depending on the privileges associated with the application, an attacker could see, change or delete data”, they warn from that entity.

Because the Chromium engine works with many browsers, including Edge and Opera, security updates for them will surely be released in the coming days as well.

How to update Chrome

Press the three dots that appear in the upper margin of Chrome, just below the profile picture. This will enter the Settings menu.

Next, click on the option that says Help and then on Chrome information and there you will see the version you have. As mentioned above, the security patch for this flaw comes with version 100.0.4896.75.

If the aforementioned update is available, it will begin to download and if not, you will have to wait a few days or even weeks, as the company warns on its blog. As this is a global release, there may be delays.

Keep in mind that once the update is installed, it is necessary to restart the browser for the protection to activate. Otherwise, the system will continue to be vulnerable to possible attacks that exploit the aforementioned flaw.

Other security measures:

Here are some security measures to implement until the patch arrives and even after you receive it to add an extra layer of care, as mentioned on the Center for Internet Safety site

1. Run all software as a non-privileged user (one without administrative privileges) to lessen the effects of a possible attack.

2. Avoid visiting untrustworthy websites or clicking on links provided by unknown sources.

3. Inform and educate users about the threats posed by hypertext links contained in emails or attachments, especially from unreliable sources.

:

Back to top button