Google’s Emergency Update For Chrome

Google has issued an emergency security update pertaining to all Chrome users after it received confirmation that attackers were exploiting a high-severity zero-day vulnerability in the platform. The emergency update is highly unusual as it addresses just one security flaw, validating its urgency. 

Google published a Chrome stable channel update announcement on March 25, confirming reports that an exploit for the vulnerability exists in the wild.All Chrome users are therefore advised to ensure that their browsers are updates as soon as possible. Not much else is known about the vulnerability, tracked as CVE-2022-1096, other than that it is referred to as a Type Confusion in V8. 

Google isn’t saying much more than that there have already been attacks using this zero-day vulnerability. 
Zero-day is the most dangerous form of attack because it means the vulnerability is known to hackers before Google could address and fix it.

As a precaution, the business has withheld certain information from the public, noting that complete specifics on how the exploit worked would not be made public until the majority of customers have the update.

Fortunately, Google was able to deploy a fix before the attack was widely publicised and Chrome version 99.0.4844.84 should be installed as soon as feasible.

The emergency Chrome update to version 99.0.4844.84 is unique in that it only fixes a single security flaw. As a result, all Chrome users are recommended to upgrade their browsers as soon as possible. This references the JavaScript engine employed by Chrome.

The lack of detail is not surprising as the flaw is already being exploited by attackers. Google will likely reveal technical details when an update is able to protect most of the company’s users. Remember to restart your browser after the update has been installed, or it will not activate, and you will still be vulnerable to attack.

Matzav:    Oodaloop:     Toolbox:    Forbes:     Medium:     Happy Geek:     Daily Advent:    Premium Times:

You Might Also Read: 

Log4j Cyber Security Flaw Seriously Concerns Experts:

 

« Russia Hacked Ukrainian Satellite Communications
Cyber Security: GCHQ's Director Speaks Out »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Echelon

Echelon

Echelon Company is a provider of information security services specializing in certification of security software and hardware products in Russia.

HID Global

HID Global

HID Global is a trusted leader in products, services and solutions related to the creation, management, and use of secure identities.

Team8

Team8

Team8 is Israel’s most prestigious cybersecurity think tank and venture creation foundry.

Towergate Insurance

Towergate Insurance

Towergate Insurance is a leading UK specialist insurance broker. Business products include Cyber Liability Insurance.

Managed Security Services (MSS)

Managed Security Services (MSS)

MSS deliver consultancy services and managed security services for IT departments who may lack the time, resources, or expertise themselves.

CSI

CSI

CSI is a Managed Service Provider (MSP) delivering Hybrid Multi-Cloud, Data Protection, and Cyber Security solutions to highly regulated industries.

SafenSoft (SnS)

SafenSoft (SnS)

SafenSoft delivers high-efficiency, low-impact proactive protection against malware, insider threats, and confidential data leakage.

Center for Long-Term Cybersecurity (CLTC)

Center for Long-Term Cybersecurity (CLTC)

The Center for Long-Term Cybersecurity is developing and shaping cybersecurity research and practice based on a long-term vision of the internet and its future.

Edvance

Edvance

Edvance operates a range of cybersecurity businesses including value added cybersecurity solutions distribution, security technology innovation and development, and SaS solution offerings.

Marcus Donald People

Marcus Donald People

Marcus Donald People is a UK IT recruitment specialist covering the following sectors: Infrastructure & Cloud, Information Security, Development, Business transformation.

Chicago Quantum Exchange (CQE)

Chicago Quantum Exchange (CQE)

Chicago Quantum Exchange is an intellectual hub and community of researchers with the common goal of advancing academic and industrial efforts in the science and engineering of quantum information.

Privakey

Privakey

Transaction Intent Verification. Privakey delivers a secure channel to streamline high risk transactions, enabling digital trust between services and their users.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

SEMNet

SEMNet

SEMNet is an IT solutions provider and an infrastructure and security consulting firm.

Grant Thornton

Grant Thornton

Grant Thornton is one of the world’s leading networks of independent assurance, tax and advisory firms.

Guernsey

Guernsey

Guernsey provides a wide range of engineering, architecture and consulting services to multiple markets, including cybersecurity consulting and CMMC certification.