Google Chrome is now used by approximately 2.65BN users as it dominates the web browser market. The problem with such dominance, however, is Chrome has become the number one target for hackers and now Google has had to issue another serious upgrade warning.
In a new blog post, Google has revealed that two new ‘zero-day’ exploits (CVE-2021-30632 and CVE-2021-30633) have been discovered in Chrome for Linux, macOS and Windows. And — like the previous two attacks — they have come from anonymous tip-offs. Their zero-day classifications mean hackers have been able to exploit them before Google could release fixes, making them significantly more dangerous than most security flaws. Writing on its blog, Google confirmed it “is aware that exploits for CVE-2021-30632 and CVE-2021-30633 exist in the wild.”
As is standard practice, Google is currently giving little away about these zero-day flaws. This is to limit their spread and buy time for users to protect themselves. Consequently, other than ranking their threat as “High”, this is all Chrome users have to go on right now:
- High — CVE-2021-30632: Out of bounds write in V8. Reported by Anonymous on 2021-09-08
- High — CVE-2021-30633: Use after free in Indexed DB API. Reported by Anonymous on 2021-09-08
UAF vulnerabilities were the source of five ‘High’ rated Chrome threats earlier this month, while V8 was the target of the last zero-day Chrome hack in July. Google also warns that nine further “high” level threats have been found in Chrome, but they are not currently believed to have been exploited in the wild.
To combat these new threats, all Chrome users should navigate to Settings > Help > About Google Chrome. If your browser version on Linux, macOS or Windows is listed as 93.0.4577.82 or above you are safe. Google states that this new, protected version of Chrome “will roll out over the coming days/weeks” so you may not be able to protect yourself right away. If you can upgrade, you should do so then restart your browser immediately.
Google continues to fix Chrome flaws at a rapid pace, but this is only effective if its billions of users also do their part. Attacks on Chrome are growing as it becomes ever more dominant in the marketplace, making it essential to keep your browser up-to-date at all times. Go check it right now.
Original article written by: Gordon Kelly | Forbes
As your business grows, safeguarding the applications and systems it relies on involves a unique approach that balances accessibility with cybersecurity. At Raptor IT Consultants, our mission is to establish a foundation for your network resources that empowers users to work efficiently, while offering scalable, managed IT services that complement any business model; affordably. #raptoritnetwork