Google Chrome releases an urgent update, users should download it immediately

Google has rolled out Chrome version 99.0.4844.84 for Windows, Mac and Linux, urging users to update their browsers as soon as possible.

STRONG POINTS

  • Google has rolled out a critical patch for the Chrome browser.
  • The vulnerability has reportedly already been exploited.
  • Google Chrome users are advised to update their browser immediately.

If you are using Google Chrome, you should update your app immediately. Google has confirmed that its browser has a high-risk zero-day vulnerability that hackers are already exploiting. This means that your data and the device on which the Chrome browser is installed may remain subject to hacking until the new update is installed. The fact that Google released the new version as an emergency update hints that this security issue in the browser is serious.

Google has rolled out Chrome version 99.0.4844.84 for Windows, Mac and Linux, urging users to update their browsers as soon as possible. In a blog post on Chrome releases, Google explained that this release only has one security update focused on zero-day exploit CVE-2022-1096, which was first reported. by an anonymous researcher earlier this month. As Google explains, this zero-day vulnerability resides in Chrome’s JavaScript engine and exploits are already underway by hackers to inject malicious code into the browser. Google said it won’t reveal more information about the vulnerability until a large number of Chrome users download the patch.

Since the vulnerability exists in the Chromium engine, it also affects the Microsoft Edge browser. Microsoft has confirmed that the vulnerability exists in Edge and has already deployed a patch to provide protection against any potential exploits. Microsoft Edge browser running version 99.0.1150.55 or higher is no longer vulnerable to the CVE-2022-1096 vulnerability, but if you have a version lower than that, you should take this matter a bit seriously and put update your browser.

What is the CVE-2022-1096 vulnerability?

Although not much is known about this vulnerability, some research papers have hinted that CVE-2022-1096 is a “type confusion in V8”. It simply refers to the JavaScript engine in Google Chrome and Microsoft Edge, both of which are Chromium-based browsers. Since the anonymous researcher shared the details of the vulnerability privately with Google, it’s up to Google now when and if they want to release the details. Its current decision not to do so may be based on the assumption that it would create panic and people would resort to uninstalling Chrome instead of updating it.

How to update Google Chrome?

It’s very simple. Access the Chrome menu by clicking on the three dots in the upper right corner. Now head to Help. Click “About Google Chrome”. Your browser will automatically start searching for a new update and when it finds one, the download will also start automatically. Once the update is downloaded and installed, Chrome will ask you to relaunch the browser for the changes to take effect. Although restarting your system is not a required step in the process, I recommend that you do so.


Source link

Comments are closed.