Google Urges Windows Users To Update Chrome Amid New Security Threats

Uploaded on 2024-10-29 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

promotion

Google has issued an urgent alert, advising nearly 2 billion Windows users to update their Chrome browser to prevent potential security threats as cyberattacks continue to rise.

In 2023 alone, there were 2,365 cyberattacks affecting 343,338,964 victims. This warning is a reminder that all devices, including Chromebooks, need strong protection from online threats.

While ChromeOS is known for its secure design, it isn’t immune to malware and other digital threats, driving the need for a robust antivirus for Chromebooks. With malicious apps targeting thousands of devices, even on the Google Play Store, it's crucial to protect your Chromebook.

According to technology writer Ilijia Miljkovac, tested and recommended antivirus options specifically for ChromeOS provide the right level of security for your Chromebook. The best antiviruses for Chromebooks can protect your computer from viruses and hackers by providing real-time protection. Without it, users are left vulnerable to cyber risks like identity theft, financial loss, and privacy invasion.

From Google’s side, their new update fixes three serious security problems that hackers could use to attack your devices. The update is available as version 130.0.6723.69/.70 and will install automatically, but you need to restart your browser for it to take effect.

Understanding The V8 Engine & Its Issues

One of the problems that was fixed affected Chrome extensions, while the other two were related to memory issues in the V8 JavaScript engine that runs Chrome. Kaspersky, a global security firm based in Russia, explained that every web browser relies on its JavaScript engine, and Chrome uses one called V8, which is Google’s open-source engine.

To use less memory and run faster, V8 has a complicated engine, one interpreter, and three Just-In-Time (JIT) compilers to process JavaScript efficiently. However, these JIT compilers often introduce new security gaps, especially when major code changes are made or new compilers are added. These weak spots can have a big impact because of how widely Chrome is used.

There are several reasons for these V8 issues:

Complexity, as V8 is a complex program, and its detailed design can sometimes lead to security issues.

Frequent updates and new features can unintentionally create security risks.

As Chrome is so popular, V8 is a major target for hackers who are always looking for new weaknesses.

Even though V8 vulnerabilities are a concern, Google is working hard to fix them through regular security updates.

Recent Cyber Attacks & Their Impact

Recently, these problems were used to attack unsuspecting users. Kaspersky shared a detailed look at a Chrome security problem from earlier this year, called Common Vulnerabilities and Exposures CVE-2024-4947 involving a "type confusion" issue in V8. Google quickly warned users that hackers were actively using it. CVE-2024-4947 was a flaw in a new, improved compiler within V8.

The attack was detected on the computer of a home user who visited detankzone[.]com. The website looked like a genuine product page for a decentralized finance (DeFi) NFT-based multiplayer tank game, encouraging users to download a trial version.

However, this was just a cover. The harmful script was hidden on the site, and simply visiting it was enough to get infected—the game was just a mask. When attackers exploit CVE-2024-4947, hackers take complete control of their devices. When this happens, they can steal your personal information, such as passwords, bank details, and photos. They can also use your device to send spam emails, launch attacks on other computers, or even hold your data hostage for ransom.

The U.S. cybersecurity agency added this flaw to its ‘Known Exploited Vulnerabilities list’ as CVE-2024-4947 and told all federal employees to update their computers. So far, there haven’t been reports of new attacks, but similar issues often lead to more threats popping up.

Kaspersky links the attacks to the Lazarus APT group, described as a very skilled and versatile hacking team that speaks Korean. They used a backdoor attack with a tool called Manuscrypt, which the Lazarus group has been using since at least 2013.

Kaspersky found that this malware has been used in over 50 attacks on many types of organizations, like governments, banks, military contractors, cryptocurrency platforms, IT companies, gaming businesses, media outlets, casinos, universities, and security researchers.

Microsoft also released a warning saying that a North Korean hacker took advantage of Chrome’s zero-day vulnerability. Microsoft Edge handles things differently, making it less vulnerable. This is why Microsoft says Edge is safer than Chrome, especially with warnings like this.

Kaspersky’s report explains the attack in detail, warning users how easily they can be targeted by following clues left by these attacks while browsing the web.

The Importance Of Being Cautious Online

For Chrome’s 2 billion users, the key message is to be careful with links in social media posts and phishing emails. Attackers often lead people to dangerous websites using these links. Once you’re on these sites, hackers can start stealing your data—beginning with cookies and login details and sometimes even getting into your whole device.

The NFT-based multiplayer tank game incident shows why it’s important to avoid suspicious links. Just one click can put your information and device at risk. Kaspersky's report also points out the irony that the company's software was recently taken off Google’s Play Store because of U.S. sanctions on Russia. Still, Chrome users are urged to keep their browsers updated to reduce the risks of V8 memory problems.

Fake crypto and NFT sites have become notorious for exposing unsuspecting users to hackers. This comes amid the flood of crypto platforms and new tokens popping up all the time, making it difficult for ordinary people to keep up with which platforms are legitimate. Another industry where customers are often targeted is through retail and eCommerce sites.

Why You Should Keep Chrome Updated

Keeping Google Chrome updated is important for a few key reasons. Old software can have weak spots that hackers use to launch attacks like viruses, ransomware, and phishing scams. Cyberattacks are constantly evolving and becoming more sophisticated every day, so it's crucial to have the latest security features to protect yourself.

Here are the reasons to keep your Chrome up to date:

Better security helps to protect your computer from hackers and viruses.
Adds new tools and improvements.
Makes Chrome run faster and uses less space.
Works better with the latest websites and technologies.
Fixes problems that can cause crashes or other issues.

When you keep your software updated it makes you safer online, improves your experience, and protects your important data.

It’s a simple step with a big impact on your digital life. You can enjoy the latest technology and web standards because Updated software has fewer problems.

Conclusion

The recent security threat reminds us that it is essential for all users to keep Google Chrome up to date. With nearly 2 billion users at risk, it’s crucial to act fast and install the latest updates to protect against vulnerabilities. Updates can keep your data safe and help you enjoy a smoother online experience by regularly updating your browser.

So, make sure to update to version 130.0.6723.69 or .70 and restart your browser to ensure you’re protected.

Image: Pixabay

You Might Also Read:

AI & Biometrics In Cybersecurity:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.