Google Chrome under attack via zero-day flaw — what to do now

1. Home
2. News
3. Security

Google Chrome under assail via aught-day flaw — what to practise at present

(Image credit: Big Tuna Online/Shutterstock)

Update your desktop Chrome browser, because doing so patches a nil-solar day flaw that's being actively exploited in the wild past undisclosed hackers.

Google'southward official Chrome blog says only that the vulnerability, given the itemize number CVE-2021-21166, is an "object lifecycle issue in audio" with "loftier" severity and that Google "is aware of reports" that the flaw is existence exploited.

• Google Chrome 89 is here — these are the all-time new features
• Hither's our list of the all-time Android browsers
• Plus: Brave is taking on Google with its own 'individual' search engine

Google's general policy is to not release too many details nearly vulnerabilities before patches tin be widely deployed. This 1 is considered a naught-day flaw because it was exploited before Chrome was aware the flaw existed.

To update Chrome on Windows and Mac, you oft need to just close and and so relaunch the browser. But to be sure, click the Settings icon (it looks like three vertical dots) in the top right of the browser window.

In the resulting pop-out carte du jour, slide your cursor down to Help, then slide over and click "About Google Chrome" in the fly-out carte that appears.

Chrome volition open a new tab notifying you lot whether your browser build is up to date. If it isn't, Chrome volition download the update automatically, then prompt you to relaunch the browser. Yous desire to cease up on version 89.0.4389.72.

Linux distributions generally update the Chrome browser through routine updates covering all installed software.

The discovery of this vulnerability is credited to Alison Huffman of the Microsoft browser vulnerability research squad. Huffman is credited with finding two other flaws patched in this week'due south Chrome update, which patches a total of 47 flaws.

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel give-and-take at the CEDIA home-technology conference. You tin can follow his rants on Twitter at @snd_wagenseil.

Source: https://www.tomsguide.com/news/chrome-patch-audio-zero-day

Posted by: williamssuest1997.blogspot.com

Share this post