SECURITY
This Android Malware Can Take Over Legitimate Apps
You may know—and be on the lookout for—malware hiding in programs that act leg...
Update Chrome ASAP (Again)
If you happened to catch my advice on Tuesday to update Chrome as soon as possible, it might come as a surprise to see me repeating myself just three days later. Nevertheless, it really is time to update Chrome again, as Google has disclosed yet another zero-day vulnerability impacting its popular browser.
The company announced the update in a post on its Chrome Releases site on Thursday: The new version numbers are 125.0.6422.112/.113 for Windows and Mac, and 125.0.6422.112 for Linux. No matter which platform you use, this update patches one single security flaw, tracked as CVE-2024-5274. CVE-2024-5274 is a type confusion flaw—a vulnerability where your code doesn't check the type of the object it is processing. When this lack of oversight occurs, it can lead to the code processing the wrong data, which bad actors can take advantage of to run their own code in the process. That, of course, isn't good.
The greater issue, however, is that this vulnerability is a zero-day: Google confirmed it is aware there is an active exploit for the flaw in the wild, which means someone somewhere not only knows of the existence of the vulnerability, but they've actively taken advantage of it.
You May Also Like
It's good that Google has a patch available for the public to protect against this vulnerability, but there's a concerning trend emerging here: CVE-2024-5274 is the fourth zero-day vulnerability Google has patched this month, and the eighth in 2024. Security vulnerabilities are an inevitability with software (cracks in the system will always, eventually, be discovered), but it's imperative that developers and the researchers they work with discover the flaws before malicious users do, especially with major programs like Chrome. When companies like Google discover and patch flaws after they've been discovered and exploited by bad actors, it puts all users at risk.
Hopefully, it'll be a while before we hear about another zero-day affecting Chrome. Until then, it's best to update your browser ASAP. Remember: Any time Chrome has a security patch, it affects all Chromium-based browsers, including Edge, Brave, and Opera.
How to update Chrome to patch this zero-day
To update Chrome, click the three dots in the top-right corner of your browser window, then navigate to Help > About Google Chrome. Allow Chrome to search for a new update, then follow the on-screen instructions to download and install it.
RECOMMENDED NEWS
HARDWARE
How to Set Up a Home Security Camera System Without Using the Cloud
There are plenty of good reasons to get your home kitted out with some of the best...
HARDWARE
This Smart Electric Grill Can’t Replace Your Barbecue
Testing smart grills has raised a philosophical argument over what constitutes a �...
AI
How to Enable AI in Windows' New Advanced Paste Feature
The clipboard is a really handy feature that you’ll find in most types of smart ...
TVS
My Favorite Memorial Day Sales on Smart TVs
Amazon Prime Day is quickly approaching, with the two-day sale likely sometime in ...
COMPUTING
How to Remove the New Lock Screen Widgets in Windows 11
If you've recently updated your Windows 11 PC, you might be surprised to see three...
Comments on "Update Chrome ASAP (Again)" :