Skip to main content

Google Chrome Hacked, Issues Warnings to Its 2.6 Billion Users to Update Their Browsers.

By Editor


Chrome’s 2.6 billion users again need to be on high alert (for the second time in a week), because Google has confirmed multiple new High-level hacks of the browser.


Google, Google Chrome, Chrome browser, Chrome update, Chrome privacy, Chrome security, Chrome upgrade, Chrome latest version

Four ‘High’ level threats have been found in[+]


Coming just days after Chrome’s 12th and 13th ‘zero day’ exploits of the year were discovered, Google has published a new blog post revealing four ‘High’ rated vulnerabilities have been confirmed. And users need to take immediate action. 



As is standard practice, Google is currently restricting information about these hacks to buy time for Chrome users to upgrade. Consequently, we only have the following information to go on: 


High – CVE-2021-37977 : Use after free in Garbage Collection. Reported by Anonymous on 2021-09-24

High – CVE-2021-37978 : Heap buffer overflow in Blink. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-04

High – CVE-2021-37979 : Heap buffer overflow in WebRTC. Reported by Marcin Towalski of Cisco Talos on 2021-09-07

High – CVE-2021-37980 : Inappropriate implementation in Sandbox. Reported by Yonghwi Jin (@jinmo123) on 2021-09-30


While we don’t learn a lot from these descriptions, it is interesting to see Chrome continues to be targeted with ‘Use-After-Free’ (UAF) exploits. The browser was hit by double-digit UAF attacks in September and hackers have already exploited a zero-day UAF flaw in Chrome this month, ahead of the latest discovery. 


The listing of a pair of Heap buffer overflow exploits is less expected. Like UAF attacks, this is a memory vulnerability (also known as Heap Smashing) but it has not been a regular avenue for Chrome hacks in recent months. Memory on the heap is dynamically allocated and typically contains program data. With an overflow, critical data structures can be overwritten which makes it an ideal target for attacks. 


In response, Google has released a critical update. The company does warn Chrome users that the rollout will be staggered, so not everyone will be able to protect themselves immediately. To check if you are protected navigate to Settings > Help > About Google Chrome. If your Chrome version is 94.0.4606.81 or higher, you are safe. If the update is not yet available for your browser, make sure you check regularly for the new version. 


Google, Google Chrome, Chrome browser, Chrome update, Chrome privacy, Chrome security, Chrome upgrade, Chrome latest version

To be safe, Chrome must be restarted after [+]

GOOGLE


And when you have updated, remember the crucial final step: Chrome is not safe until it is restarted. Which makes this a two-way process. Google can fast track fixes for Chrome hacks, but unless users restart their browsers after updating they will not be protected. This false sense of security is something hackers count on. Go check your browser now.

Comments

Post a Comment

Popular posts from this blog

UGANDA ELECTORAL COMMISSION TO ELIMINATE NATIONAL IDENTIFICATION CARDS (IDs) FOR 2021 GENERAL ELECTIONS.

By Editor
The elimination of using National IDs (Ndagamuntu) for the 2021 elections should not have come as a surprise. One would be very NAIVE to think that Bobi Wine has not prepared for this in his Business Plan under the RISK section. It is public knowledge that our EC is not independent.  It is also public knowledge that Military Dictator Yoweri Museveni will never lose an election. What stunned us this morning is when we noticed that on social media, people were mocking Bobi with his "get your Ndagamuntu".  We are on record for saying to all Our readers that the National ID is like Apartheid in South Africa. Students of History would know how those IDs were being used to arrest people, deny them jobs, deny them basic services. Consequently, Bobi was not wrong and will never be wrong on the Ndagamuntu. Except the ones attacking him and mocking him forget that in Uganda, now, no National ID (Ndagamuntu), no service.  If you have not been denied registering your child i...
Post a Comment
Read more

Here is Why Our Utterances For Praying Jesus And God To Come Liberate Ugandans, May Be Misplaced. This Phrase is like inform of a Letter To Some Categorized Section Of Ugandans.

By Editor
https://m.facebook.com/yusufosuta/photos/a.1896701010557789/2070383359856219/?type=3 OPEN LETTER TO NRM SUPPORTERS - NATIONAL ROBBERS MOVEMENT. .................................................................................. Last week of March, a friend told me to pray for Uganda.  I told him that he was an Idiot and we have prayed for too long and we are still hungry and sick and Jesus is not coming soon to liberate us. He then ignored the STUPID and sent me a picture we all now know.  It got me totally messed up.  This guy was telling me to pray then sends a picture of men bowing down in blood.  He might have meant guns but I blocked him because his utterances of praying for Uganda were misplaced. I unblocked him 3 weeks later and asked him about praying and assassinations.  His reply "eithrr prayers or guns or both". I hate violence with a passion.  So he is now blocked in like FOREVER. Do you feel safe?  Do not feel safe. Uganda regim...
Post a Comment
Read more

The Full List of Permanent Secretaries Appointed by President Museveni.

By Editor
By virtue of the Powers given to the President by Article 174 (2) of the 1995 Constitution of the Republic of Uganda, I hereby, appoint the following as Permanent Secretaries as indicated below: 1. Head of Public Service and Secretary to Cabinet- Lucy Nakyobe 2. Deputy Head of Public Service And Secretary to Cabinet - Deborah Katuramu 3. State House Comptroller - Jane Barekye 4. Principal Private Secretary to the President- Dr. Kenneth Omona 5. Principal Private Secretary to H.E. the Vice President - Alex Kakooza 6.  Office of the Prime Minister - Keith Muhakanizi 7.  Office of the President - Yunus Kakande 8.  Ministry of Agriculture, Animal - Industry and Fisheries David Kyomukama Kasura (Maj. Gen.) 9.  Ministry of Defence and Veteran Affairs- Rosette Byengoma 10. Ministry of Education and Sports -       Kate Lamaro  11. Ministry of Energy and Mineral Development -   Batebe Irene  12. Ministry of Foreign Affairs - Vincent Bag...
Post a Comment
Read more