As per the Google Chrome Statistics for 2021, around 2.65 billion users globally use Chrome as their primary browser. With such an extensive user base, chances of critical security threats are also growing with every passing day. Also Read - Why Google should consider bringing Pixel 6 series to India, but it is not
Recently, the tech giant issued a new update warning to chrome users worldwide. Google revealed in its official blog post about the high, medium, and low vulnerabilities discovered in Chrome for Linux, macOS, and Windows. Also Read - Android 12 is now rolling out for Pixel devices: Here's the list of eligible smartphones
The security attack puts almost 2 billion Chrome users at risk of being hacked. Google confirmed the hack via a blog post after a new ‘Zero-Day Hack’ exploits findings were discovered in Chrome. Zero-Day Hack is when hackers exploit the flaw before developers have a chance to address it. It results in more dangerous security flaws than most of it. Also Read - Personal data of thousands of smartphone users at risk via stalkerware leak
The official blog post states, “High CVE-2021-37973: Use after free in Portals. Clement Lecigne from Google TAG was reported, with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero on 2021-09-21.”
The hack was spotted by Google employees and not by any third-party firm. To protect users from the high-risk hack, Google is currently restricting the information about the flaws. This should result in buying time for users and limit the spread.
How to check if your Google Chrome browser is secure
- Go to Settings.
- Click on Help.
- Go to About Google Chrome.
- Google Chrome versions 94.0.4606.61 or higher are protected.
- If you don’t have this version, you can’t do anything, wait, or you can shut down the machine.
Google states that the new 94.0.4606.54 will rollout over the coming days/weeks, and so you might not be able to protect yourself right now.
The company has revealed five threats that are under ‘Use-After-Free’ vulnerabilities. Use After Free or UAF is a popular error of not clearing the memory after it is free. It leads a program to crash, and hackers can use this to attack your Chrome. The higher security risks are:
- High — CVE-2021-37956: Use after free in Offline use. Reported by Huyna at Viettel Cyber Security on 2021-08-24
- High — CVE-2021-37957 : Use after free in WebGPU. Reported by Looben Yang on 2021-08-23
- High — CVE-2021-37958 : Inappropriate implementation in Navigation. Reported by James Lee (@Windowsrcer) on 2021-06-24
- High — CVE-2021-37959 : Use after free in Task Manager. Reported by raven (@raid_akame) on 2021-07-15
- High — CVE-2021-37960 : Inappropriate implementation in Blink graphics. Reported by Atte Kettunen of OUSPG on 2021-09-07