The web browser is the gateway to the Internet, but it can also be the gateway for hackers to our PC. Any security flaw that is discovered in this software can compromise our entire security entirely. For this reason, it is vitally important to ensure that the browser is always updated, thus being protected from any possible vulnerability, such as the two critical zero-day bugs that were discovered a few hours ago in Google Chrome and that, in addition, was being exploited by hackers.
Google Chrome is the most used web browser in the world, with about 70% of the market share. For this reason, it is also one of the programs most controlled by hackers, since the slightest flaw discovered in it can endanger millions of users at one time.
Chrome fixes two zero-day vulnerabilities in Windows, Linux, and macOS
Just yesterday, Google released an emergency patch for its web browser. This patch, available for both Windows and macOS and Linux, puts the browser at version 86.0.4240.198 and, its objective, is to protect all users from two very serious zero-day vulnerabilities that were being used by hackers.
These security flaws have not been discovered by the Project Zero researchers themselves as is often the case on other occasions. Anonymous sources have discovered and reported the security flaws to the company so that it could fix them.
The first of the bugs fixed by this emergency patch is CVE-2020-16013 . This vulnerability is due to an inappropriate implementation of the JavaScript V8 engine, reported on November 9. On the other hand, CVE-2020-16017 , reported on November 7, is due to a memory corruption issue in Chrome’s isolation feature, which allows access to data after use.
Google, for security, has not given much more information about these failures. Some researchers believe that the vulnerability in JavaScript V8 is related to last week’s patch, although it is not entirely clear. They may be totally different vulnerabilities.
Update the browser as soon as possible
Given the danger of these two vulnerabilities, and above all, their active use on the network, we must make sure to update the browser. All users of the desktop version of Chrome, regardless of their operating system, will be able to download the new version 86.0.4240.198 of the browser right now.
Chrome has its own automatic update engine, so, initially, we will not have to do anything to update it. However, if we want to make sure we have this version, we can do so by opening the Chrome menu and selecting the “Help> Google Chrome Information” section.
In the window that will appear we can see the version that we have installed . If this corresponds to 86.0.4240.198, or is higher, then we no longer have to do anything. Otherwise, the automatic upgrade process to this version will begin. After restarting Chrome, we will be up to date.
If we prefer, we can also download Chrome manually to install it on our computer. The installer that we download from its website already copies the latest version of this browser, so we will be up to date and protected from the first moment.
