Following the discovery of a significant hack, nearly 2 billion Google Chrome users were advised to update their browsers. Almost all Google Chrome users are at risk of being hacked as a result of this assault. Google verified the breach in a blog post after a new zero-day flaw was discovered in Google Chrome. Having already issued a warning on CVE-2021-30563, a zero-day vulnerability, and now another one has surfaced that is just as hazardous, if not more so. CVE-2021-37973 is the name of this vulnerability. “Google is aware that an exploit for CVE-2021-37973 exists in the wild,” Google wrote on its blog.
This is referred to as a zero-day exploit, as hackers were able to exploit it before Google was aware of it and could release a patch to stop them. Furthermore, given that the application has a user base of 2.65 billion people, the scope of the problem is obvious.
The most important takeaway from the Google blog regarding the browser’s vulnerability is that it was discovered by Google personnel rather than a third party. Most crucially, a Google Chrome upgrade is required for all users, and the sooner they do it, the better. Google also disclosed their threat assessment or ranking of the exploit.
Google revealed threat ranking on its blog:
“High CVE-2021-37973: Use after free in Portals. Reported by Clement Lecigne from Google TAG, with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero on 2021-09-21.”
“We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel,” it added as a nice touch.
More crucially, for the 2 billion Google Chrome users, Google has provided a patch for everyone.
To see if your Google Chrome browser is safe, follow these steps:
- Go to the Settings menu.
- About Google Chrome
- Make sure you’re using the latest version of Google Chrome.
- Google Chrome version 94.0.4606.61 or above is secure.
- If you do not have this version, there is nothing you can do but wait.
Alternatively, turn off your machine.
Google assured users in a message at the foot of the blog that the specifics would be kept hidden until everyone received the upgrade. It stated, it’s possible that access to problem data and links will be limited until the majority of users have been updated with a repair. We’ll keep the limits if the bug is in a third-party library that other projects rely on but hasn’t been patched yet.
After you’ve completed the application’s update, restart your computer to make sure everything is working properly. This is just as important as the upgrading itself.
You might also like: