Chrome is the most popular web browser on the market by far, but its success is no guarantee of being free from vulnerabilities as a new update shows.
No piece of software is created perfectly, so there’s always a need to update and refine applications. In particular, security vulnerabilities are one of the most common issues which software designers find themselves needing to go back and solve. And this is because threat actors will use all their resources to discover even the tiniest chink in an application’s armor. Once this has been discovered, they’re presented with the opportunity to bypass security and exploit the software.
Chrome’s latest update comes packed full of functionality upgrades, but also 11 security fixes. As it’s likely your organization regularly works with Chrome, we’re going to look at what this patch offers you.
What is Chrome’s Latest Update?
The latest update from Chrome – details of how to install it are here – delivers a variety of fixes which include:
- A zero-day vulnerability – tagged as CVE-2022-2856 – which has allowed hackers to take advantage of a flaw in Web Intents, a process which allows web apps to connect with web services.
- Several ‘use-after-free’ vulnerabilities, these are flaws that are usually opened when an application fails to clear its memory when used. This scenario provides a foothold to threat actors looking to breach security.
- A heap buffer overload vulnerability relating to downloads made through Chrome, a vulnerability which allows memory corruption to open a backdoor for threat actors.
t only takes one vulnerability to compromise a PC, so the need to patch 11 vulnerabilities strikes a major blow to Chrome’s reputation. To make matters worse, this is the fifth zero-day vulnerability Chrome have had to issue in 2022. Digging deeper into the contents of the update, it also becomes apparent that ‘use-after-free’ errors are a significant problem within Chrome at present.
Is Chrome Safe to Use?
Chrome will continue to work even without the latest update. However, the protection at its disposal will be lacking any substantial strength. There’s a chance, of course, you won’t fall victim to a cyber-attack which exploits these flaws, but do you really want to take a chance? The sensible answer is: NO! And, although Chrome haven’t released any specific details about these latest vulnerabilities, you can bet your bottom dollar that hackers will now be focusing their attention on Chrome.
Therefore, it’s crucial you install this latest Chrome update as soon as possible. Even if your organization’s preference is, for example, to use the Edge browser, you need to update Chrome if it’s present on your PCs. This is the only way to ensure that security gaps are plugged. Naturally, there will be further vulnerabilities which remain unidentified, but you can only deal with threats which are known. Chrome, on the whole, is a reputable and safe browser, you just need to make sure that automatic updates are activated.
For more ways to secure and optimize your business technology, contact your local IT professionals.
Read More
