New Critical Security Bug in Chrome – Update Now 

By | April 20, 2020
Print Friendly, PDF & Email

 

 

New Critical Security Bug in Chrome – Update Now 

Google has issued a security warning for all users of its Chrome web browser. A new update for Chrome — version 81.0.4044.113 — is rolling out for Windows, Android, and Linux devices.

According to Google’s Chrome Releases Blog:

“…Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed..

This update includes 1 security fix. Please see the Chrome Security Page for more information.

[$TBD][1067851] Critical CVE-2020-6457: Use after free in speech recognizer. Reported by Leecraso and Guang Gong of Alpha Lab, Qihoo 360 on 2020-04-04

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel…”

The vulnerability, a “use after free”bug is is RCE (Remote Code Execution) type, which is serious since it allows an attacker to run code on your computer.

Security firm Sophos explains in a blog:

“…In use-after-free bugs can allow an attacker to change the flow of control inside your program, including diverting the CPU to run untrusted code that the attacker just poked into memory from outside, thereby sidestepping any of the browser’s usual security checks or “are you sure” dialogs. That’s the most serious sort of exploit, known in the jargon as RCE, short for remote code execution, which means just what it says – that a crook can run code on your computer remotely, without warning, even if they’re on the other side of the world.”

The new update comes only with security fixes and rewards and as part of a note, however, the company is not sharing any details about that as of now. In a small note, Google explains, “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

Chrome version 81.0.4044.113 is rolling out now for Windows, Mac, and Linux. Check your version of Chrome this way:

  1. Click the 3 vertical dots in the top-right corner of Chrome
  2. Click on “Help” “About Google Chrome”Cloudeight Google Chrome Tip
  3. You’ll see your current version of Chrome. If you are running version 81.0.4044.113 (or newer if you’re reading this at a future date) it will say your versions of Chrome is up to date.

    Cloudeight Google Chrome Tip

  4. If you’re not running the new version of Chrome it’s important that you update immediately.

19 thoughts on “New Critical Security Bug in Chrome – Update Now 

  1. Annabelle

    Thanks for this important info. If not for you, we would not have known about this….from the one …Google..that should have left us know. Thanks again for always looking out for us all, your Cloudeight family and friends.

    Reply
  2. Connie Tyler

    TY so much for letting us know. I had no idea about the update problem.

    Reply
  3. layor nala

    After your note I checked and i was up to date.

    I understand Google Chrome automatically updates itself whenever it detects a new version available. This happens in the background and you won’t even notice it unless there’s a change on the user interface. You can also manually trigger the checking of the update if you wish to. iOS and Android can also be set up to automatically update all installed apps, the Chrome app included.

    Reply
    1. infoave Post author

      Normally updates happen in the background when you close and re-open your browser. However, if you haven’t closed your browser in a while you might see the Chrome menu on the browser change color to green, orange, or red. If you see green that means an update has been available for 2 days, orange means 4 days and red means 7 or more days. So it’s a matter if you close and reopen your browser. I only restart my computer when necessary. I don’t shut down at night and I rarely close & reopen Chrome. From what I can see, many others don’t close and restart Chrome often either.

      Reply
  4. JOYCE CLARK

    Thanks for letting me know. I would have been in deep trouble as I wouldn’t have even known there was a serious problem to fix. You two are on top of everything and caring enough to let us out here know what the problem is and how to fix it ourselves, even us who are not so smart. Thanks again.

    Reply
  5. Anne Stewart

    Grateful thanks Cloud Eight, , I hadn’t known of this problem, I have just now finished up-dating my version of Chrome, which was very much out of date, I had assumed Google would automatically up-date when necessary, not so it seems…
    Bless you all ❤❤❤

    Reply
  6. Patricia Mann

    Another thank you from a grateful cloudeight member, mine was not up to date but thanks to you both I have
    updated now. Much appreciated.

    Reply
  7. Aussie Norm

    I will add my Thanks as well.
    After reading your advice I was able to update and now it is running on the setting as per your email.
    Sometimes companies can become too big and monopolise the market without providing good and reliable backup service.
    Well done Darcy and TC.(again.!!)

    Reply
  8. Judy C Yates

    ALWAYS appreciate you guys for keeping us up to date and watching our backs . I NEED ALL the help I can get!

    Reply
  9. Margaret Crozier

    I followed your instructions and watched as Chrome seemed to be busily updating. But this – Version 80.0.3987.163 (Official Build) (64-bit) – was where it stopped and told me to “relaunch” to complete the update.
    I did not click “relaunch” for concern something nasty is going on.

    Reply
    1. infoave Post author

      Margaret, you can’t update Chrome or Windows or most anything else unless you restart it (relaunch). If you don’t restart Chrome (Relaunch) the update cannot be applied.

      Reply
      1. Margaret Crozier

        I understand that but is that the right update? Looks really old compared with what you have said.

        Reply
        1. infoave Post author

          Margaret, you’re doing this all through Chrome, you’re not clicking links to different sites, there is nothing untoward going to happen if you follow the procedure we outlined.

          Reply
  10. Kathy Richardson

    Thank you so much. I’m updated now. Enjoy your day!

    Reply
  11. Jason Miller

    I saw the instruction to go to PlayStore and click on my apps. I saw I had 15 updates pending. I had nothing better to do with my time today, or any day for that matter being retired, so I clicked on update all and set my phone down on the counter and walked away. That was my project for the day except for walking from one end of the house to the other several times 2 or 3 times a day. Drives the cat crazy because she thinks I’m going somewhere.
    While I’m doing nothing I’m going to call my kids at work and let them know how bored I am doing nothing. It’s the highlight of my day when I get to do that. Parents revenge.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *