Google Chrome isn’t having the best year in 2024. The web browser has been hit with a bunch of vulnerabilities, though Google quickly patched them up.
In the latest twist, Microsoft found another vulnerability in Chrome, which Google admitted is being exploited by hackers.
The search giant rolled out an update to fix it just two days after finding out. So, if you haven’t updated your browser yet, you'll want to do it now.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
Google hasn’t revealed how the vulnerability affects users or how hackers are exploiting it. That’s probably because the company doesn’t want to give threat actors any ideas and also wants to give users enough time to update their Chrome browser.
"Until a majority of users are updated with a fix, we will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on but haven’t yet fixed," the company said.
Tracked as CVE-2024-7971, Google has described it as a type confusion bug in the V8 JavaScript and WebAssembly engine.
"Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page," according to a description of the bug in the NIST National Vulnerability Database (NVD).
In simple terms, this vulnerability allows hackers to take control of your Chrome browser on your desktop by tricking it with a fake HTML page. If successful, they could steal your data or install malicious software, all without your knowledge.
The vulnerability was found and reported by the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) Aug. 19.
We contacted Google requesting comment, and a representative confirmed that Google has issued an update to patch this issue.
ALERT: 4.3 MILLION AMERICANS EXPOSED IN MASSIVE HEALTH SAVINGS ACCOUNT DATA BREACH
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
Google has updated the Chrome stable channel to 128.0.6613.84/.85 for Windows and Mac, plus 128.0.6613.84 for Linux. The update should download to your PC automatically, but you are advised to check and restart the browser to ensure it installs. See the steps below to learn how.
The vulnerability is unlikely to affect mobile devices. Still, you can update Chrome via the Google Play Store (Android) or App Store (iOS) by searching for Chrome and tapping Update if available.
MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC
WORLD’S LARGEST STOLEN PASSWORD DATABASE UPLOADED TO CRIMINAL FORUM
While updating Chrome should fix the vulnerability, below are some security tips you can follow to further bolster your privacy and security.
1. Have strong antivirus software: Hackers often gain access to devices by sending infected emails or documents or tricking you into clicking a link that downloads malware. You can avoid all of this by installing strong antivirus software that will detect any potential threat before it can take over your device or router.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
2. Recognize urgent requests as potential scams: Always be wary if someone is urgently requesting you to do something like send money, provide personal information or click on a link. Chances are it’s a scam.
3. Use strong and unique passwords: Create strong passwords for your accounts and devices, and avoid using the same password for multiple online accounts. Consider using a password manager to securely store and generate complex passwords. It will help you to create unique and difficult-to-crack passwords that a hacker could never guess. Second, it also keeps track of all your passwords in one place and fills passwords in for you when you’re logging into an account so that you never have to remember them yourself. The fewer passwords you remember, the less likely you will be to reuse them for your accounts. Get more details about my best expert-reviewed Password Managers of 2024 here
HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET
Staying ahead of security threats is a constant battle for tech companies, and Google is no exception. The swift response to this latest vulnerability shows the company’s commitment to protecting its users, but it also highlights how important it is to keep your software up to date. If you haven’t updated Google Chrome yet, don’t wait any longer. Cybersecurity is a race against time, and every second counts.
How often do you update your browser. Do you wait for a prompt or do you check manually? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you'd like us to cover
Follow Kurt on his social channels
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2024 CyberGuy.com. All rights reserved.
