Google fixes new critical security holes in Chrome

A new Google Chrome browser update brought with it the fix for nothing less than security vulnerabilities, including two of a critical nature. The loopholes were of the zero-day (or “zero day”) type, those that were not even known by the browser developers, but were being exploited by malicious agents in attacks involving remote code execution.

  • Brazil is the 5th largest target for cybercrime in the world in 2021
  • How a journalist ended a phishing campaign in two days
  • Russian operator suffers the biggest denial of service attack in history
  • In both of the most severe cases, the problem was in the browser’s memory usage, with one of them hooked up to a JavaScript engine and the other to a software API. In either case, abusing the flaw could lead to a browser crash, but knowing what to do, a criminal could also run malware or gain access to services and systems outside of a sandbox (virtual testing environment) in which the browser was running, for example, opening the door to a myriad of different types of scams.

    According to Google, the two vulnerabilities were exploited in attacks, but the company did not provide further details on the case. The update also represents the tenth zero-day type hole fixed in Chrome only in 2021, with almost monthly updates to mitigate such issues that could lead to attacks against browser users.

    Want to catch up on the best tech news of the day? Access and subscribe to our new channel on youtube, Canaltech News. Every day a summary of the main news from the tech world for you!

    4577

    For this reason, the recommendation to everyone is regarding the immediate application of the update. The process usually happens automatically, but if you want to perform the update manually, just access the menu at the top right of the browser and click About Google Chrome. The fixes will be downloaded immediately and, after a browser restart, will be applied.

    Other loopholes fixed by the update 82.0.4577.11 of the browser, already available for Windows, Mac and Linux operating systems include problematic implementations of Blink rendering technology and other openings related to writing and executing code outside the bounded limits of memory. Unlike the zero-day vulnerabilities, however, these were still resolved during previous browser testing, without reaching users or being exploited by malicious individuals.

    Source: Google Chrome Releases

    Did you like this article?

    Subscribe your email on Canaltech to receive daily updates with the latest news from the world of technology. 4577 4577

    4577 4577

Related Articles

Back to top button