Problems with Google A Chrome update has been released to address a rare zero-day vulnerability | #macos | #macsecurity


We learned earlier this month about a zero-day Chrome exploit that North Korean state-sponsored hackers were able to exploit for nearly a month before a patch was issued in mid-February. In that case, the hackers were able to dupe the unsuspecting with compromised real websites and sites they’d spoofed by securing similar domain names. Now, for the second time in 2022, there is another Chrome zero-day, and Google is releasing yet another patch.

The company explained keeping some information away from the public as a safety measure, stating that full details on how the exploit worked won’t be made public until most users have the fix. Fortunately, this time Google was apparently able to issue a patch before the exploit became widely known. Users should update to Chrome version 99.0.4844.84 as soon as possible.

A new stable channel desktop Chrome update for Windows, Mac and Linux became available Friday. In a Chrome Releases Blog post (found via Bleeping Computer) Google explains that there is one security update in the release, for zero-day exploit CVE-2022-1096, first reported to the company by an anonymous tip on March 23. The zero-day is a weakness in Chrome’s JavaScript engine that can be used by hackers to inject their code into your browser. It’s exactly the kind of thing that malicious actors love to use against their targets. Google won’t provide much more information other than admitting there have already been attacks leveraging this zero-day weakness.

News Summary:

  • Problems with Google A Chrome update has been released to address a rare zero-day vulnerability
  • Check all news and articles from the latest Security news updates.



Original Source link

Leave a Reply

Your email address will not be published.

sixty two + = 70