Skip to Content
© nikkimeel |
Security & privacy

You need to update Chrome NOW – New threat discovered

Hot on the heels of Microsoft and Adobe releasing several updates, Google is now trotting out some of its own. Patching numerous issues with the Chrome browser, one of the vulnerabilities has already been exploited by hackers.

Earlier this month, a big update was launched for Chrome. Google made two changes to how the browser operates by updating some of the JavaScript compilers. This made Chrome faster and use less memory, which is a win for everybody.

But it seems that something in that update went a bit haywire, creating a few unintended consequences. Given the flaw’s severity, Microsoft and Google have worked together to roll out the patch in less than seven days after discovery.

Here’s the backstory

Bringing Google’s Chrome up to version 91.0.4472.101, the update fixes 14 security flaws, including at least one zero-day exploit. Unfortunately, an exploit of that kind means that hackers have already figured out a way to use it.

As reported by Clement Lecigne of Google’s Threat Analysis Group and Sergei Glazunov of Google Project Zero, the threat has been designated as CVE-2021-30551. The technical description for it is a “Type Confusion in V8,” but Shane Huntley from Google explained it in simpler terms.

“More details will be on CVE-2021-33742 will come from the team, but for context this seem to be a commercial exploit company providing capability for limited nation state Eastern Europe / Middle East targeting,” he posted on Twitter. He added that CVE-2021-30551 is used by the same cybercriminals.

What you can do about it

To patch the vulnerabilities in your Chrome browser, you must update it to the latest version. You can do this by going into settings.

Tap the menu in the upper right corner (three dots), hover your cursor over Help, and select About Google Chrome. You will see which build you currently have, and you’ll have the option to update by clicking Update Google Chrome. If the option isn’t there, then you’re using the latest version.

“I’m happy we are getting better at detecting these exploits. And the great partnerships we have to get the vulnerabilities patched. But I remain concerned about how many are being discovered on an ongoing basis and the role of commercial providers,” Huntley concluded, who is a member of Google’s Threat Analysis Group.

Keep reading

10 best Chrome extensions to use with Google Drive

Chrome vs. Edge: Which is the better browser to use on a PC?

Tech smarts in 2 minutes a day

Get my Daily Tech Update and the Digital Life Hack. Just one minute each and arm you with the tech knowledge you need to impress your boss and friends with how smart you are.