PSA: You should probably go update your Chrome browsers, like, right now
Two exploits were found – one for Chrome and one for Windows 7.
Hey, listen. Are you reading this on Google Chrome? If so, go make sure that you’re updated to the latest version, like right now. That’s the same no matter which platform you’re using, be it Mac, Windows, Linux, iOS, ChromeOS or Android.
Last week, Google’s Threat Analysis Group discovered two zero-day vulnerabilities that were being used together in an ongoing series of cyber attacks to take over systems and run malicious code.
Here’s how to update Google Chrome
- Click on the three-dot icon at the top right of your browser
- Scroll down to Help, then About Google Chrome from the menu that pops out
- You’ll be shown your Chrome version number, and either a messaged that Google Chrome is up to date or your browser will start the update automatically.
- Make sure you restart your browser by pressing the button that appears or close then reopen your browser.
When Google Chrome’s security lead tweets out “seriously, update your Chrome installs… like right this minute.” – you know something big is going down.
More information regarding the zero-day vulnerabilities
One of the zero-days affected the Chrome browser, a memory management error in Google Chrome’s FileReader. This part of Chrome lets web apps read the contents of files stored on the user’s computer. FileReader is also inside every major browser, so you can see the scale of this issue. Exploiting the memory error can let an attacker run their own code on the PC, or even take it over completely.
The other zero-day was a flaw in Microsoft’s Windows 7 operating system. Clement Lecigne from Google’s Threat Analysis Group has said that so far, only Windows 7 32-bit systems appear to be vulnerable, thanks to exploit protections added in Windows 8 and later. If that isn’t a good reason to upgrade to Windows 10, I don’t know what is.
Microsoft is working on a fix for the exploit (ha, and they said they’d stop supporting Windows 7). Still, it’s about time for an upgrade, no? When Google’s threat team recommends updating your PC to a newer operating system, you really should listen to the experts.
Surprised by the exploit? Did you update your Google Chrome? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.
- Mark Zuckerberg publicly posted his privacy thoughts
- Google says you can now mail in your busted Google Pixel 3 and 3 XL for repairs
- Gmail’s nifty Smart Compose feature is now available to all Android handsets
- Google’s Duplex is now available on all Pixel phones and usable in 43 US states
- The Samsung Galaxy S10 face unlock can be fooled by a drawing