Google’s Emergency Update For Chrome

Uploaded on 2022-04-11 in NEWS-Cybersecurity News, FREE TO VIEW

Google has issued an emergency security update pertaining to all Chrome users after it received confirmation that attackers were exploiting a high-severity zero-day vulnerability in the platform. The emergency update is highly unusual as it addresses just one security flaw, validating its urgency. 

Google published a Chrome stable channel update announcement on March 25, confirming reports that an exploit for the vulnerability exists in the wild.All Chrome users are therefore advised to ensure that their browsers are updates as soon as possible. Not much else is known about the vulnerability, tracked as CVE-2022-1096, other than that it is referred to as a Type Confusion in V8. 

Google isn’t saying much more than that there have already been attacks using this zero-day vulnerability. 
Zero-day is the most dangerous form of attack because it means the vulnerability is known to hackers before Google could address and fix it.

As a precaution, the business has withheld certain information from the public, noting that complete specifics on how the exploit worked would not be made public until the majority of customers have the update.

Fortunately, Google was able to deploy a fix before the attack was widely publicised and Chrome version 99.0.4844.84 should be installed as soon as feasible.

The emergency Chrome update to version 99.0.4844.84 is unique in that it only fixes a single security flaw. As a result, all Chrome users are recommended to upgrade their browsers as soon as possible. This references the JavaScript engine employed by Chrome.

The lack of detail is not surprising as the flaw is already being exploited by attackers. Google will likely reveal technical details when an update is able to protect most of the company’s users. Remember to restart your browser after the update has been installed, or it will not activate, and you will still be vulnerable to attack.

Matzav:    Oodaloop:     Toolbox:    Forbes:     Medium:     Happy Geek:     Daily Advent:    Premium Times:

You Might Also Read: 

Log4j Cyber Security Flaw Seriously Concerns Experts:

 

« Russia Hacked Ukrainian Satellite Communications
Cyber Security: GCHQ's Director Speaks Out »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

City Security Magazine

City Security Magazine

City Security magazine helps promote best security practices and keep businesses informed on a wide variety of security-related issues.

Cyanre

Cyanre

Cyanre delivers state of the art cyber forensic services through software technologies and procedures that exceed conformities of major law enforcement agencies across the globe.

PROMIA

PROMIA

PROMIA is in the business of providing solutions that are designed to support highly secure, reliable, scalable and interoperable business applications.

RedShield Security

RedShield Security

RedShield is the world's first web application shielding-with-a-service company.

ArcusTeam

ArcusTeam

ArcusTeam is at the forefront of the firmware and applications security industry, with a mission to increase the level of security on all IoT devices and applications.

SHIELD

SHIELD

SHIELD is an established end-to-end fraud management solution that blocks fraudulent activities such as account takeovers, fake accounts creation, fraudulent payments, loyalty fraud and more.

CryptoMill Cybersecurity Solutions

CryptoMill Cybersecurity Solutions

CryptoMill Cybersecurity Solutions provides advanced, innovative data security solutions for enterprises, professionals and individuals.

StepStone

StepStone

StepStone is one of the leading online job platforms in Germany, and other countries, covering all industry sectors including IT and cybersecurity.

Ecubel

Ecubel

Ecubel is the market leader in Belgium in buying and selling used IT harware guaranteed by a certified data erasure.

BluBracket

BluBracket

BluBracket is the first comprehensive security solution that makes code safe—so developers can innovate and collaborate, and security teams can sleep at night.

DDLS

DDLS

DDLS is Australia's largest provider of corporate IT, process training and cybersecurity training courses and certification programs.

CyberXposure

CyberXposure

CyberXposure has been built by a team comprising of Cyber Security Professionals and SAAS experts in data backup, disaster recovery and cyber-security.

MLSecOps Community

MLSecOps Community

The MLSecOps Community is a collaborative space for machine learning security experts and industry leaders to connect and shape the future of AI/ML security.

inSOC

inSOC

inSOC is an enterprise-grade AI-driven SOCaaS solution detecting breaches 24/7 with vulnerability management built-in. Designed for MSPs and MSSPs.

Smartcomply

Smartcomply

Smartcomply is an automated and AI-powered cybersecurity and compliance platform that aids businesses in reducing the time and money spent on cybersecurity and compliance.

CloudBees

CloudBees

CloudBees is building the world’s first end-to-end automated software delivery system, enabling companies to balance governance and developer freedom.