Google’s Emergency Update For Chrome

Uploaded on 2022-04-11 in NEWS-Cybersecurity News, FREE TO VIEW

Google has issued an emergency security update pertaining to all Chrome users after it received confirmation that attackers were exploiting a high-severity zero-day vulnerability in the platform. The emergency update is highly unusual as it addresses just one security flaw, validating its urgency. 

Google published a Chrome stable channel update announcement on March 25, confirming reports that an exploit for the vulnerability exists in the wild.All Chrome users are therefore advised to ensure that their browsers are updates as soon as possible. Not much else is known about the vulnerability, tracked as CVE-2022-1096, other than that it is referred to as a Type Confusion in V8. 

Google isn’t saying much more than that there have already been attacks using this zero-day vulnerability. 
Zero-day is the most dangerous form of attack because it means the vulnerability is known to hackers before Google could address and fix it.

As a precaution, the business has withheld certain information from the public, noting that complete specifics on how the exploit worked would not be made public until the majority of customers have the update.

Fortunately, Google was able to deploy a fix before the attack was widely publicised and Chrome version 99.0.4844.84 should be installed as soon as feasible.

The emergency Chrome update to version 99.0.4844.84 is unique in that it only fixes a single security flaw. As a result, all Chrome users are recommended to upgrade their browsers as soon as possible. This references the JavaScript engine employed by Chrome.

The lack of detail is not surprising as the flaw is already being exploited by attackers. Google will likely reveal technical details when an update is able to protect most of the company’s users. Remember to restart your browser after the update has been installed, or it will not activate, and you will still be vulnerable to attack.

Matzav:    Oodaloop:     Toolbox:    Forbes:     Medium:     Happy Geek:     Daily Advent:    Premium Times:

You Might Also Read: 

Log4j Cyber Security Flaw Seriously Concerns Experts:

 

« Russia Hacked Ukrainian Satellite Communications
Cyber Security: GCHQ's Director Speaks Out »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Thales

Thales

Thales provides solutions, services and products that help its customers in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions.

TechDefence Labs

TechDefence Labs

TechDefence Labs provide pentesting and security assessment services for networks, web apps, mobile apps and source code reviews.

European Recruitment

European Recruitment

European Recruitment is an award-winning, international recruitment agency specialising in niche technology areas including Cyber Security.

Intersec Worldwide

Intersec Worldwide

Intersec Worldwide is a boutique Information Security Firm specializing in PCI Compliance, Assessment, Remediation, Forensics, Data Breach Investigations, Incident Response and IT Managed Services.

KIOS Center of Excellence (KIOS CoE)

KIOS Center of Excellence (KIOS CoE)

KIOS carries out top level research in the area of Information and Communication Technologies (ICT) with emphasis on the Monitoring, Control and Security of Critical Infrastructures.

Cyber Wales

Cyber Wales

Cyber Wales provides a focus and forum for everyone in the industry, helping businesses come together and collaborate both within Wales and internationally.

Berkeley Varitronic Systems (BVS)

Berkeley Varitronic Systems (BVS)

Berkeley Varitronics Systems is an engineering think tank delivering custom wireless RF engineering products and solutions including cyber security.

Cypherix

Cypherix

Cypherix is tightly focused on cryptography and data security. We leverage our expertise to deliver state-of-the-art, world-class encryption software packages.

Swedish Incubators & Science Parks (SISP)

Swedish Incubators & Science Parks (SISP)

Swedish Incubators & Science Parks (SISP) is the Swedish industry association for Swedish incubators and science parks.

SnapAttack

SnapAttack

SnapAttack is a collaborative platform that empowers your security team to stay ahead of threats, create robust behavioral analytics for your existing tools, and prove your program's effectiveness.

Kaesim Cybersecurity

Kaesim Cybersecurity

Kaesim are a global team of cybersecurity experts protecting businesses since 2015. We stop bad people damaging your business, your data and your reputation.

Infisign

Infisign

Infisign addresses the challenges of traditional IAM systems and offers a comprehensive solution for modern identity management.

TRM Labs

TRM Labs

TRM enables risk management and compliance for a global community of financial institutions, cryptocurrency businesses and government agencies.

Alset Technologies

Alset Technologies

Alset Technologies provides DASH - a comprehensive solution to DISA STIG (Security Technical Implementation Guide) compliance.

Relatech

Relatech

Relatech is a Digital Enabler Solution Knowledge (D.E.S.K.) Company that offers digital services and solutions dedicated to the digital transformation of businesses.

Relyance AI

Relyance AI

Relyance AI - One unified platform for privacy, security, & governance.