Google has put Chrome users on alert after releasing a critical security update to protect millions of desktop users from a new vulnerability.
The update, which addresses a remote code execution (RCE) bug, relieves users worried about the possibility of cyber attackers installing malware on their systems.
The RCE bug, which was discovered recently, could allow hackers to gain access to users’ devices by luring them to click on malicious websites. The security update also addresses six other high-severity bugs, one of which was vulnerable for almost a year.
Chrome RCE bug patch
The patch is compatible with Windows, macOS, and Linux, meaning most of Chrome’s 2.65 billion users can breathe easily. However, Google advises users to install the update immediately to protect themselves from potential exploits targeting these vulnerabilities.
Google has been working hard to fix several high-severity vulnerabilities in the browser, including one they prioritized: the use-after-free vulnerability in the Prompts component.
Developers use the Prompts component to create different prompts, from simple text to images and even videos. However, a remote attacker could exploit this use after free vulnerability to execute arbitrary code on your system or even cause a denial of service.
Google fixes more Chrome bugs
But wait, there’s more! Google has also fixed another high-severity vulnerability lingering around for a staggering 11 months. This one affects Chrome’s SwiftShader, responsible for rendering 3D graphics. Like the Prompts vulnerability, it could allow remote attackers to execute arbitrary code or cause a denial of service on your system.
But Google didn’t stop there. They also fixed four other high-severity vulnerabilities, including a vulnerability in the Chrome video acceleration component Vulkan, two video buffer overflow bugs, and a WebRTC flaw.
So if you’re a Chrome user, it’s time to update your browser ASAP to ensure you’re protected from potential exploits targeting these vulnerabilities. Stay safe out there!
Google Chrome February security update
Google’s February security update addresses a critical remote code execution (RCE) bug that could allow hackers to infect your device with malware.
As with many other security updates, Google may restrict access to bug details and links until most users have updated their browsers with the patch. So don’t wait around – update your browser now and stay ahead of the game.
To summarize, Google’s February security update for Chrome is a big deal. It fixes a critical RCE bug that could cause serious harm to your system. So don’t delay – update your browser immediately to keep yourself safe from potential exploits.
Chrome updates and concerns
Google Chrome’s popularity has often made the browser’s bugs a matter of greater security concern.
The Ministry of Electronics and Information Technology’s Indian Computer Emergency Response Team (CERT-In) in January flagged Google Chrome bugs that could enable a remote attacker to obtain access to confidential information on the affected system and execute arbitrary code.
To be specific, users of Microsoft Windows and Apple Mac and Linux with versions before 109.0.5414.119/120 and 109.0.5414.119, respectively, will be affected by these vulnerabilities.
According to CERT-In, the vulnerabilities are due to Use after free in WebTransport, WebRTC & GuestView, and Type Confusion error in ServiceWorker API in the Google Chrome browser.
A specially crafted Web page could be used by a remote attacker to exploit these vulnerabilities. In the event of successful exploitation of the vulnerabilities, the remote attacker can execute arbitrary code and gain access to sensitive information on the targeted system, as well as operate within the context of the logged-in user.
Leave a Reply