Security updates are important, and you shouldn’t ignore them. However, while apps and browsers like Chrome will remind you when it’s time to update, you might also be blissfully unaware there’s even one available, leaving you open to security risks. This happens to be one of those times.
On Monday, Feb. 14, Google announced a new update for Chrome, version 98.0.4758.102, which addresses 11 security risks with the previous build of the browser. While plugging up security gaps is always good advice, there’s an extra reason this update is key: Of those 11 security flaws, Google acknowledged one has an exploit that “exists in the wild.” Essentially, someone outside of Google knows about this security flaw, and could take advantage of it if they haven’t done so already.
This particular flaw is [$NA][1296150] High CVE-2022-0609: Use after free in Animation. A use after free vulnerability, or UAF, is one that concerns a program’s dynamic memory. It occurs when a program clears a memory location, but does not clear the pointer to that memory, allowing a bad actor to hack that particular program.
Google did not disclose whether this exploit has been used, or by whom. However, the fact it exists is more than enough reason to immediately update Chrome on your Mac or PC.
To update, click the three dots in the top-right corner of a Chrome window, then choose Help > About Google Chrome. Allow Chrome to check for an update. If 98.0.4758.102 is available, you’ll see it reported here. Just click “Relaunch” to allow the update to take.
Chrome isn’t the only browser to have critical security flaws lately. Apple has issued two updates for Safari recently; the latest update fixed a WebKit security flaw allowing hackers to run malicious code, while the previous update patched a serious JavaScript API bug allowing bad actors to pull personal information from other open tabs in your browser.
from Lifehacker https://ift.tt/a80bkhU
0 comments:
Post a Comment