Google Chrome has more than two billion users worldwide and dominates the web browser market. But that also makes it the main target of hackers and now Google has released its fourth urgent update warning in two months.
Google has warned users about seven new “high” security risks in Chrome
LightRocket using Getty Images
In an official blog post, Google has revealed that seven high-scoring security threats have been discovered in Chrome, affecting Chrome users across all major operating systems: Windows, MacOS, and Linux.
Google is currently giving little about the flaws. This is standard practice, as the company tries to limit the information to stop the spread of these vulnerabilities to hackers and gain time for users to protect themselves. Accordingly, this is what Chrome users should continue right now:
- High – CVE-2021-30598: Confusion type in V8. Reported by Manfred Paul
- High – CVE-2021-30599: Confusion type in V8. Reported by Manfred Paul
- High – CVE-2021-30600: Used after printing. Reported by 360 Alpha Lab
- High – CVE-2021-30601: Use after free in API extensions. Reported by 360 Alpha Lab
- High – CVE-2021-30602: use after free in WebRTC. Reported by Cisco Talos
- High – CVE-2021-30603: runs on WebAudio. Reported by Google Project Zero
- High – CVE-2021-30604: used after free in ANGLE. Reported by SecunologyLab
What I can tell you is that “Type Confusion in V8” is the open source JavaScript engine in the middle of Chrome. “WebRTC” (real-time web communications) is a technology that allows you to transfer audio and video streaming data between browsers and mobile applications. “ANGLE” (Almost Native Graphics Layer Engine) is Google’s open source cross-platform graphics engine abstraction layer. Printing and extensions are self-explanatory.
Historically, all of these have been used by hackers to execute code to take control of a target’s computer. Chrome’s latest zero-day hacking (where hackers are known to exploit a vulnerability before Google can’t fix it) was a flaw in the V8.
To combat these new threats, all Chrome users should go to Settings> Help> About Google Chrome. If your browser version on Linux, macOS, and Windows is listed 92.0.4515.159 or higher, you are safe. Otherwise, the About screen will prompt you to refresh and restart your browser. You should do this immediately.
It is a recognition of Google that fixes are usually posted for high-level attacks a few days after their discovery, but their effectiveness still depends on billions of users updating and restarting browsers.
Chrome is a great browser, but the attacks are growing and this year there have already been eight zero-day Chrome hacks. It is now vital to keep Chrome up to date at all times. Go check it out now.
___
Follow Gordon Facebook
More about Forbes
Google launches new Chrome update warning after eighth hack “Zero Day” in 2021
Chrome’s “Zero Day” exploit is revealed, Google is doing an urgent update