One of the most widely accessed web browser, Google Chrome, underwent a zero-day attack on February 27th, as reported by Google Security Blog. A zero-day is nothing but a day on which the software has a weakness or flaw in its system. Hackers targeted this flaw, undertaking a zero-day attack.
The breach of security was aimed at Google Chrome directly and not third parties. The bug or flaw was a Chrome vulnerability, code-named CVE-2019-5786, which the hackers saw as an opportunity to directly attack the flaw in Google Chrome’s direct codes.
Google on March 1 released an update to tackle the vulnerability and asked all users to update their desktop Chrome version immediately. The new version is 72.0.3626.121. Chrome has an in-built auto-update system but Google encourages its users to verify and cross-check if the update has been made on their systems.
To verify the update, follow the following steps:
1. Open Google Chrome
2. Head over to the toolbar, in the far right top corner
3. Select Help/ About Google Chrome or type down chrome://settings/help in the address bar, whichever works best for you.
4. A dialogue box will open in front of you from both the above mentioned methods
5. The dialogue box will tell you about your version. Make sure the version mentioned is 72.0.3626.121
6. If not, fret not. Google’s auto-update system will get at it soon.
Google’s security lead and engineering director Justin Schuh went on to warn about the urgent requirement to update the web browser.
The bad news for Google Chrome users is that this flaw is still being exploited by hackers. Hence, it becomes crucial for users to update their Chrome browser.
Google uses one of the most robust forms of C and C++ codes on the planet, with world class security system. Despite that, it still suffers from memory corruption related to codes. But in case of Chrome, the immediate update and patching system, fixes critical problems in real time.