Google has released an emergency security patch to fix a zero-day vulnerability affecting Google Chrome for desktop, meaning anyone using the Chrome browser should make sure it is updated as soon as possible.
We’ve discussed zero day vulnerabilities and exploits a number of times before. It means a security vulnerability was discovered, but it was the bad guys (cyber-criminals) who discovered the vulnerability first and began exploiting it before the good guys (in this case, Google) had a chance to issue a security fix.
The zero-day part refers to the number of days we all had to apply the security patch before the crooks started exploiting it. Zero.
Basically, it means the bad guys are exploiting this vulnerability right now, so it’s a good idea to update now.
Not much is known about the vulnerability – a common omission given that Google doesn’t want to tip-off any more bad guys before everyone has a chance to get patched up – but what we do know is that it is referred to as a use-after-free type of vulnerability. That means the vulnerability is caused by memory mismanagement. Not the most exciting of descriptions, but these types of vulnerabilities can be very serious.
Sponsored Content. Continued below...
It is also not known how crooks are exploiting the vulnerability, who they have been targeting or how many. We all just have to hope that we were not in the crook’s crosshairs.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix” Google has said.
Zero-day vulnerabilities in your Internet browser are never a good thing. Your browser is a rather important piece of software considering it’s the bridge between your computer and the World Wide Web. Security vulnerabilities with your browser can result in malware downloads being triggered automatically without the need for being tricked into downloading harmful files. We call these types of attacks drive-by downloads.
Make sure your version of Chrome is updated. Click the three dots in the top right, then Help, then About Google Chrome. The version should be 98.0.4758.102 or higher.