NewsyList

Risk “high” – that’s why you have to update your browser – Multimedia

Google closes four vulnerabilities in the Chrome browser. One of them may already have been exploited by hackers. An update is a must.

Google has updated Chrome to version 103.0.5060.114. With the update, the IT group closes a so-called zero-day gap. Such unknown vulnerabilities are the Holy Grail for hackers, so to speak. This is because so-called exploits can be developed from this – a type of malware that systematically exploits these vulnerabilities. In this way, entire systems and networks can be examined without the victims noticing anything. In technical jargon, these are called zero days because the manufacturer of an affected system does not know anything about the vulnerability, i.e. has zero days’ warning time.

That is what apparently happened in this case. The vulnerability, titled CVE-2022-2294, was discovered this month by a security researcher from IT company Avast and reported to Google on July 1st. The vulnerability resides in a component that enables Chrome to handle audio and video calls and can allow hackers to gain access to computer data by crashing the browser, running malicious software code, or bypassing security tools. The problem may also affect the Android version updated to version 103.0.5060.71, writes Thehackernews.com. The provider himself assesses the risk for users as “high”.

This is how the update works

IT security experts advise installing the update as soon as possible. Precisely because the vulnerability is already being exploited in the wild. How it works? In Google Chrome, click on the three-point menu in the top right, then on Help and “About Google Chrome”. There you can check directly whether the latest version is already installed, or trigger the update manually if necessary.

See also  Franconian auto supplier Bolta-Werke insolvent - 1,000 employees affected

In addition to the vulnerability mentioned above, the update also patches other vulnerabilities. For example, the vulnerability with the name CVE-2022-2295 is also designated with the risk “high”. This is because, under certain circumstances, unauthorized code can be executed on a computer. The vulnerability with the title CVE-2022-2296 (risk “high”) can also offer cybercriminals a target, writes Heise.de. Two weeks ago, Google patched 14 more vulnerabilities in Chrome.

Nav-Account 20 minutes Time| Akt:

Share:

Facebook
Twitter
LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Social Media

Most Popular

On Key

Related Posts