Google Chrome Sends Critical Warning To Millions Of Users: Find Out If You Are Affected And How To Protect Your Account

0


A warning has been issued to the billions of people who use Google Chrome following a record number of attacks in 2021.

The browser is used by around two billion people and Google has already launched 2022 with an important warning to them.

Write the news in a blog post, the big company draws attention to a series of threats it says have now been addressed in an update accompanying the blog post.

The update is called Chrome 97 and is basically a new version of the popular browser which is now available to all users.

Google says it should “roll out in the next few days / weeks”. Here’s everything you need to know about the warning and how to protect your account.

What warning did Google issue?



37 vulnerabilities were found on Google Chrome

In the post, Google shared that it discovered 37 new vulnerabilities known to affect Linux, macOS, and Windows users.

Of the threats, 10 were rated as “high” risk and 1 as “critical”. Users are now urged to take immediate action.

Google indicates that the critical vulnerability and the 10 high vulnerabilities are:

  • Review CVE-2022-0096: to be used after free in storage. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-11-30
  • High CVE-2022-0097: Inappropriate implementation in DevTools. Reported by David Erceg on 2020-08-17
  • High CVE-2022-0098: Use after free in screenshot. Reported by @ginggilBesel on 2021-11-24
  • High CVE-2022-0099: to be used after free login. Reported by Rox on 2021-09-01
  • High CVE-2022-0100: Buffer overflow in Media Streams API. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-08-10
  • High CVE-2022-0101: Buffer overflow in bookmarks. Reported by raven (@raid_akame) on 1421-09-14
  • High CVE-2022-0102: Type confusion in V8. Reported by Brendon Tiszka on 2021-10-14
  • High CVE-2022-0103: For use after the free version in SwiftShader. Reported by Abraruddin Khan and Omair on 2021-11-21
  • High CVE-2022-0104: Buffer overflow in ANGLE. Reported by Abraruddin Khan and Omair on 2021-11-25
  • High CVE-2022-0105: Use after free in PDF. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-11-28
  • High CVE-2022-0106: To be used after free in autofill. Reported by Khalil Zhani on 2021-12-10

Although these may seem confusing, Forbes reports that they follow a familiar pattern – many issues involve the phrase “Use-after-free”, also known as UAF.

What is a Use-after-free or UAF vulnerability?

A UAF vulnerability is where the memory used by a program is not freed properly and in turn becomes vulnerable to attack by hackers.

UAF has been the preferred approach of hackers attacking Google Chrome for many months.

How do you know if you are affected?

Because the new Chrome 97 update rolls out over a period of time, not all users will be protected from the vulnerabilities it aims to fix immediately.

To check if you’re protected, go to: Settings> Help> About Google Chrome.

If your browser version says “97.0.4692.71” or higher, you are safe.

If you don’t have a number as high as this, keep checking until you are. Once the above number is reached, restart your browser to activate the updates.

You will not be protected until you reboot, so it is essential that you do so as soon as the update is complete.


Share.

Comments are closed.