Google Chrome security alert — why you should update right now
Google Chrome security alert — why you lot should update correct at present
Information technology'south time to update Google Chrome and related browsers once again: Google has just released a fix for the second actively exploited Chrome zero-solar day security flaw in two weeks. The fix applies to Windows, macOS and Linux.
"CVE-2020-16009 is a v8 bug used for remote code execution," wrote Google Project Naught technical lead Ben Hawkes on Twitter yesterday (November. ii). He was referring, respectively, to the flaw's catalog number, the Chrome component that handles JavaScript and the fact that the flaw tin can be exploited over the net.
- See the all-time Chromebooks you can buy
- The best Black Friday deals now
- How to watch US Presidential Election: Live stream Election Day 2020
"Google is aware of reports that an exploit for CVE-2020-16009 exists in the wild," wrote Chrome technical program manager Prudhvikumar Bommana in an official weblog mail listing the security fixes in Chrome version 86.0.4240.183.
That'southward all Bommana or Hawkes would say nigh this vulnerability. The Chromium bug entry with more details is locked to all but Chrome developers, as you lot might await with a flaw that'southward not totally been fixed.
Today Chrome fixed 2 more vulnerabilities that were being actively exploited in the wild (discovered past Project Cipher/Google TAG last calendar week). CVE-2020-16009 is a v8 problems used for remote code execution, CVE-2020-16010 is a Chrome sandbox escape for Android. https://t.co/IOhFwT0Wx1November 2, 2020
Chromium is the open-source lawmaking that runs underneath Brave, Chrome, Edge, Opera, Vivaldi and many other browsers that aren't named Firefox or Safari.
Google fixed a previous, technically unrelated, zippo-day flaw two weeks agone (Oct. 20), and related browsers speedily followed arrange. ("Zero-twenty-four hours" means that developers have no time to prepare a flaw earlier bad guys start using information technology in attacks.)
But this past Fri (Oct. 30), however, Google revealed a Windows zero-day flaw that was being used in combination with the kickoff Chrome flaw to hijack PCs via malicious websites. It'southward not articulate if yesterday's new flaw has anything to do with those attacks.
How to manually update Chrome and its siblings
Most installations of Chrome and Chromium variants will update themselves if you close the browser and and then relaunch it again, although non all Chromium variants may yet take released new versions to patch this flaw.
At the time of this writing, Brave had not released an update, merely Edge had a new update for which details were not immediately available.
To manually start a Chrome or Chromium-based update, find and click on the 3 lines or dots in the top correct of the browser window. Scroll down to About, or Help --> Virtually, and select Most.
A new tab should open up listing the version number of the browser you're running. If an new version is available, the browser volition automatically download it and prompt you lot to relaunch.
You want to update to version 86.0.4240.183 in Chrome or Brave, although the latter doesn't have that version set up yet. In Border, the latest version is 86.0.622.61.
Android flaw too fixed
In his tweets, Hawkes revealed that Chrome for Android was also being updated to version 86.0.4240.eighteen to patch a split flaw.
The update will roll out to different devices over the coming weeks, merely our telephone got the update last nighttime. Android will prompt you that updates are available if it doesn't install them automatically.
Source: https://www.tomsguide.com/news/chrome-another-emergency-patch
Posted by: beaversardiner44.blogspot.com
0 Response to "Google Chrome security alert — why you should update right now"
Post a Comment