Google Chrome users are urged to update another critical patch, which is the second one in just a week, as the big tech discovered four high-level vulnerabilities that hackers could infiltrate.
(Photo : by ISSOUF SANOGO/AFP via Getty Images)
A woman uses a laptop on April 3, 2019, in Abidjan. – According to the figures of the platform of the fight against cybercrime (PLCC) of the national police, nearly one hundred crooks of the internet, were arrested in 2018 in Ivory Coast, a country known for its scammers on the web, has announced on April 2, 2019 the Ivorian authority of regulation of the telephony.
As such, Google warned its 2.6 billion users of the popular web browser, Chrome, to download the critical update that seeks to fix the numerous vulnerabilities hiding beneath the app.
Google Chrome Users Urged to Update ASAP Again
The tech giant issued the warning in its latest blog post, highlighting the existence of more security vulnerabilities in the browser.
As per Forbes, the latest security flaws come days after Google Chrome released its 12th and 13th ‘zero day’ exploits for 2021.
(Photo : Andrew Matthews/PA Images via Getty Images)
A person holds an iphone showing the app for Google chrome search engine. PA Photo. Picture date: Friday January 3, 2020.
Now, Google just confirmed another set of security issues that requires Chrome users to update as soon as possible again.
The blog post from the search engine giant, which also owns one of the biggest web browsers, only mentioned that the latest update includes a total of four security fixes.
Google Chrome Four High-Level Vulnerabilities
However, it is to note that Google restricted the information about the issues as part of the standard industry practice, which helps its users buy time to download the latest patch.
Nevertheless, Forbes still collected information about the four high-level flaws in the same report. To be precise, the CVE-2021-37978 is found on the heap buffer overflow in Blink, whereas the CVE-2021-3977 exists on the Garbage Collection.
Not just that, the CVE-2021-37979 was also from another heap buffer overflow, but this time within the WebRTC. Meanwhile, the CVE-2021-37980 is due to the inappropriate implementation in the Sandbox of Chrome.
Read Also: Google Search Can Now Tune Your Guitar or Any Stringed Instruments | Google Tuner Now Available in PC, Mobile
Google Warns Chrome Users
According to News.com.au’s report, the threat analysis group of Google or TAG warned Chrome users that hackers have “created malformed code signatures,” which security scanners using the OpenSSL code failed to detect.
On top of that, Windows also deemed the code signature of the hackers as valid, making it a possible undetected infiltration for the criminal minds.
What’s more, TAG further noted that the said technique that hackers did on Chrome is being used by software under the OpenSUpdater line.
It is to note that OpenSUpdater is categorized as a “riskware” that shows ads on browser users to install sketchy apps on PCs.
TAG also revealed that the said technique mostly goes for users in the United States who usually download gaming apps online.
The latest warning from Google comes after the tech giant announced two vulnerabilities last Oct. 3.
The search engine giant then urged Chrome users to also update their browsers ASAP to fix the two security flaws.
Related Article: New Google Partnerships To Enhance APP Through Free 10,000 Security Keys for Journalists, Other Users
This article is owned by Tech Times
Written by Teejay Boris
ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.