Google Issues Warning For 2 Billion Chrome Users Tech Companies

Google Chrome continues to dominate the web browser market with more than two billion users worldwide. The flipside is it also dominates the attention of hackers causing Google to issue its third urgent upgrade warning in a month. 

MORE FROM FORBESGoogle Confirms 7th Chrome ‘Zero Day’ Vulnerability, Upgrade Now

In an official blog post, Google revealed that a new ‘zero-day’ exploit (CVE-2021-30563) has been discovered in Chrome and — like the previous attack — it follows an anonymous tip-off. Unlike the majority of security flaws, a zero-day classification means the exploit has been made public before the company could patch it. Writing on its blog, Google confirmed it “is aware of reports that an exploit for CVE-2021-30563 exists in the wild.” 

Little is known about the exploit other than Google’s categorization that it is a “Type Confusion in V8” — which is the open source JavaScript engine at the heart of Chrome. Such secrecy is standard for zero-day bugs as Google tries to minimize the spread of the hack before Chrome users have the chance to upgrade and protect themselves. 

To combat this new threat, all Chrome users should navigate to Settings > Help > About Google Chrome. If your browser version on Linux, macOS and Windows is listed as 91.0.4472.164 or above you are already safe. If not, manually check for updates then restart the browser once the update is ready. Google has also confirmed that six other ‘High’ level threats are patched in this version of Chrome as well as a single ‘Medium’ level vulnerability. 

MORE FOR YOU

CVE-2021-30563 is the eighth zero-day vulnerability found in Chrome this year and the third in a month. It is to Google’s credit that it typically releases fixes for zero-day attacks within a few days but their effectiveness is ultimately determined by the speed with which Chrome users update their browsers. 

Attacks on Chrome have been particularly prevalent in recent months, most notably from a group of hackers calling themselves PuzzleMaker. The group has been successful in chaining together Chrome zero-day bugs to install malware on Windows systems. Microsoft itself issued an urgent security warning for Windows users about this in June. 

As it stands, Chrome users would be wise to watch out for updates and ensure both your browser and operating system are kept up to date. 

___

Follow Gordon on Facebook

More On Forbes

Google Confirms 7th Chrome ‘Zero Day’ Vulnerability, Upgrade Now

Chrome ‘Zero Day’ Exploit Revealed, Google Pushes Urgent Upgrade

social experiment by Livio Acerbo #greengroundit #thisisnotapost #thisisart