Google’s Emergency Update For Chrome

Uploaded on 2022-04-11 in NEWS-Cybersecurity News, FREE TO VIEW

Google has issued an emergency security update pertaining to all Chrome users after it received confirmation that attackers were exploiting a high-severity zero-day vulnerability in the platform. The emergency update is highly unusual as it addresses just one security flaw, validating its urgency. 

Google published a Chrome stable channel update announcement on March 25, confirming reports that an exploit for the vulnerability exists in the wild.All Chrome users are therefore advised to ensure that their browsers are updates as soon as possible. Not much else is known about the vulnerability, tracked as CVE-2022-1096, other than that it is referred to as a Type Confusion in V8. 

Google isn’t saying much more than that there have already been attacks using this zero-day vulnerability. 
Zero-day is the most dangerous form of attack because it means the vulnerability is known to hackers before Google could address and fix it.

As a precaution, the business has withheld certain information from the public, noting that complete specifics on how the exploit worked would not be made public until the majority of customers have the update.

Fortunately, Google was able to deploy a fix before the attack was widely publicised and Chrome version 99.0.4844.84 should be installed as soon as feasible.

The emergency Chrome update to version 99.0.4844.84 is unique in that it only fixes a single security flaw. As a result, all Chrome users are recommended to upgrade their browsers as soon as possible. This references the JavaScript engine employed by Chrome.

The lack of detail is not surprising as the flaw is already being exploited by attackers. Google will likely reveal technical details when an update is able to protect most of the company’s users. Remember to restart your browser after the update has been installed, or it will not activate, and you will still be vulnerable to attack.

Matzav:    Oodaloop:     Toolbox:    Forbes:     Medium:     Happy Geek:     Daily Advent:    Premium Times:

You Might Also Read: 

Log4j Cyber Security Flaw Seriously Concerns Experts:

 

« Russia Hacked Ukrainian Satellite Communications
Cyber Security: GCHQ's Director Speaks Out »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Satisnet

Satisnet

Satisnet is a leading Security Reseller, Managed Security Services Provider (MSSP) and Cyber Training Innovator, with operations throughout the UK, EMEA and United States.

HDI

HDI

HDI is the worldwide professional association and certification body for the technical service and support industry.

Applicure Technologies

Applicure Technologies

Applicure Technologies develops the leading multi-platform web application security software products to protect web sites and web applications from external and internal attacks.

Openminded (OPMD)

Openminded (OPMD)

Openminded is a French security and network services company.

OneVisage

OneVisage

Our award-winning 3DAuth digital identity platform turns any consumer mobile device into a real-time 3D facial scanner that securely authenticates the user in seconds.

Source Defense

Source Defense

Source Defense provides websites with the first ever prevention technology for attacks of third-party origin.

Volexity

Volexity

Volexity is a leading provider of threat intelligence and incident suppression services and solutions.

National Cybersecurity Competence Centre (NC3) - Czech Republic

National Cybersecurity Competence Centre (NC3) - Czech Republic

NC3 has been established in response to growing demands for practically applicable products and solutions for ensuring cybersecurity of critical and non-critical information infrastructures.

Neudomains

Neudomains

Neudomains is a Corporate Domain Name Management and Brand Protection Online Specialist. One of the world's top providers of online brand protection and enforcement.

OmniCyber Security

OmniCyber Security

Omni is a cyber security firm specialising in Penetration Testing, Managed Security and Compliance.

PCS Security (PCSS)

PCS Security (PCSS)

PCS Security provides secure, reliable and state-of-the-art security solutions to help our customers address their security concerns.

Kirk ISS

Kirk ISS

Kirk ISS are the leading provider of IT services in the Cayman Islands. We offer best-in class hardware, software, communications and cloud computing, all backed by professional services support.

KCS Group Europe

KCS Group Europe

KCS Group helps its clients to identify and deal with any risks, weaknesses and threats which could impact on the business financially or reputationally.

Iron Mountain

Iron Mountain

Iron Mountain Incorporated is a global business dedicated to storing, protecting and managing, information and assets.

CliffGuard Cybersecurity

CliffGuard Cybersecurity

CliffGuard Cybersecurity deliver comprehensive services designed to protect your organization from the ever-evolving landscape of cyber threats.

Cyberverse Foundation

Cyberverse Foundation

Cyberverse Foundation is an organization dedicated to building a robust cybersecurity ecosystem in India.