Update Chrome Now As Hackers Attack 2 Major Vulnerabilities In Google Browser
Google has revealed that two weaknesses in Chrome are under active attack, as users have been urged to update their browsers to avoid becoming a victim.
They were reported to Google via an anonymous party and received a “high” severity rating. Little additional information was provided on where or how the vulnerabilities – known as zero-day, because developers have “zero days” to fix the flaw before it was exploited by malicious hackers – were released. exploited.
The updated version will roll out to Windows, Mac and Linux users “over the next few days / weeks,” Google said in a blog post. When Forbes updated Tuesday morning on an Apple Mac, this was the latest, most secure version, 93.0.4577.82. Users can check which version they are running by clicking the “About Google Chrome” button in the help section of the browser.
Monday was a big day for important security updates. Google also revealed nine other vulnerabilities rated “high” which have been fixed in the latest version of Chrome. Two of them were deemed serious enough to warrant a payment of $ 7,500 to the security researchers who found them. Meanwhile, Apple released an emergency iOS update to address a zero-day vulnerability that was allegedly exploited by Israeli spyware vendor NSO Group, valued at $ 1 billion.
This year has seen a significant number of active campaigns exploiting zero-day weaknesses in major software, with Microsoft tools being the primary target. According to former cybersecurity expert and Kaspersky podcaster Ryan Naraine, there have been 66 zero-day attacks so far in 2021.
According to Google’s own file, Naraine’s data is false. A spreadsheet tweeted by Google security researcher Maddie Stone revealed that there were nine zero-day attacks in nature reported in 2021.
Microsoft has had a particularly difficult year 2021, with attacks targeting Exchange on the rise in recent months. Former security staff member Kevin Beaumont has openly criticized Microsoft for failing to do more to warn users of the need to patch vulnerabilities used by hackers in ransomware attacks in recent weeks.