Those who use Google Chrome to surf the Internet are advised to ensure that they have the most up-to-date version of the browser installed after the discovery of a zero-day whereby attackers are exploiting a vulnerability in Chrome’s ability to handle special fonts.
First things first. What’s a zero-day exploit? Well, that’s a vulnerability in a piece of software that the bad guys found before the good guys. This usually means the bad guys are exploiting that vulnerability to attack users of that software before the developers of the software can rush out a security fix for the vulnerability.
The “zero-day” refers to the number of days the good guys had to fix a problem before it was being exploited by the bad guys. Since the bad guys found it first, the number of days is ZERO.
Sponsored Content. Continued below...
Exploiting vulnerabilities in software can often be a particularly effective way of launching an attack against a person. That’s because while most Internet scams rely on a user compromising their own security by making a poor security choice, vulnerabilities don’t really need a user to deviate all that much from general good security habits. In a worse case scenario, a user could, for example, merely visit a website to find themselves the victim of a malware attack.
In this instance, the vulnerability is affecting the Google Chrome browser, one of the most popular browsers used by the public right now. Google have already launched an update to fix the vulnerability; a vulnerability that took advantage of how the browser deals with special fonts, a feature that allows websites to display custom fonts to a visitor who may not have that particular font installed on their computer.
Sponsored Content. Continued below...
Not a great deal is known about how attackers are actively launching attacks through this vulnerability. That’s an intentional omission by Google, who naturally don’t want to tip off any other cyber-crooks. No doubt more details will be forthcoming when most users have had time to update their versions of Chrome.
This means our readers are advised to ensure Google Chrome is updated to the latest version, which should be 86.0.4240.111. To check, go to the three dotted icon, click Help and then About Google Chrome. If you’re not at the aforementioned version, there should be a button on that page that allows you to update, which may mean a restart of Chrome. If you don’t turn your computer off for long periods of time, you may need to head over to that page to finish the download, even if Chrome is set to auto update.
Thanks for reading, we hope this article helped, but before you leave us for greener pastures, please help us out.
We're hoping to be totally ad-free by 2025 - after all, no one likes online adverts, and all they do is get in the way and slow everything down. But of course we still have fees and costs to pay, so please, please consider becoming a Facebook supporter! It costs only 0.99p (~$1.30) a month (you can stop at any time) and ensures we can still keep posting Cybersecurity themed content to help keep our communities safe and scam-free. You can subscribe here
Remember, we're active on social media - so follow us on Facebook, Bluesky, Instagram and X