Google Issues Urgent Security Patch for New Zero-Day Exploit in Chrome
Chrome prior to 92.0.4515.x has been discovered.
This flaw when exploited can allow the attacker to perform actions with the same permissions of the Chrome user, including executing code,” Google said in a published notice.
Details:
Container
According to Google’s Chrome Releases blog, the immediate availability of Google Chrome 92.0.4515.x for all supported operating systems aims to address these vulnerabilities.
Google credited an anonymous tipster for the discovery of the zero-day exploit, stating that it has awarded $30,000 for the bug as part of its Vulnerability Rewards Program.
Container
This is not an isolated incident with past reports showing that Google has had to address similar issues.
Earlier this year, Google patched five zero-day vulnerabilities in Chrome that were being actively exploited
Best Practices for Secure Use of Google Chrome:
Container
The sudden need for an out-of-band patch indicates how vital it is for users to maintain good security hygiene.
This includes keeping all software, especially the browser, up-to-date due to the relatively frequent release of security patches.
To verify your version of Chrome and update it manually, go to Help > About Google Chrome.
If an update is available, Chrome should download and install it automatically.
Container
Additionally, to enhance your browser settings, users can activate Google’s advanced protection program, which provides stronger phishing protection, and restricts third-party apps from accessing email, documents, etc.
End of Article
Follow-Up Reading:
1. Google Chrome Releases Blog.
For the latest updates on any vulnerabilities and their patches.
2. Protect your Chrome Browser.
Google’s official documentation on protecting your browser.
3. Google’s Advanced Protection Program.
Learn more about Google’s additional layers of security for users at higher risk.
