{"id":19182,"date":"2020-04-20T07:17:59","date_gmt":"2020-04-20T11:17:59","guid":{"rendered":"https:\/\/www.thundercloud.net\/infoave\/new\/?p=19182"},"modified":"2020-04-20T07:17:59","modified_gmt":"2020-04-20T11:17:59","slug":"new-critical-security-bug-in-chrome-update-now","status":"publish","type":"post","link":"https:\/\/www.thundercloud.net\/infoave\/new\/new-critical-security-bug-in-chrome-update-now\/","title":{"rendered":"New Critical Security Bug in Chrome – Update Now\u00a0"},"content":{"rendered":"

 <\/p>\n

 <\/p>\n

New Critical Security Bug in Chrome – Update Now\u00a0<\/span><\/strong><\/p>\n

Google has issued a security warning for all users of its Chrome web browser. A new update for Chrome — version 81.0.4044.113 \u2014 is rolling out for Windows, Android, and Linux devices.<\/span><\/p>\n

According to Google’s Chrome Releases Blog:<\/a><\/span><\/p>\n

“…Security Fixes and Rewards<\/span><\/p>\n

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven\u2019t yet fixed..<\/span><\/p>\n

This update includes 1 security fix. Please see the Chrome Security Page for more information<\/a>.<\/span><\/p>\n

[$TBD][1067851] Critical CVE-2020-6457: Use after free in speech recognizer. Reported by Leecraso and Guang Gong of Alpha Lab, Qihoo 360 on 2020-04-04<\/span><\/p>\n

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel…”<\/span><\/p><\/blockquote>\n

The vulnerability, a “use after free”bug is is RCE (Remote Code Execution) type, which is serious since it allows an attacker to run code on your computer.<\/span><\/p>\n

Security firm Sophos explains in a blog:<\/span><\/a><\/p>\n

“…In use-after-free bugs can allow an attacker to change the flow of control inside your program, including diverting the CPU to run untrusted code that the attacker just poked into memory from outside, thereby sidestepping any of the browser\u2019s usual security checks or \u201care you sure\u201d dialogs. That\u2019s the most serious sort of exploit, known in the jargon as RCE, short for remote code execution, which means just what it says – that a crook can run code on your computer remotely, without warning, even if they\u2019re on the other side of the world.\u201d<\/span><\/p>\n

The new update comes only with security fixes and rewards and as part of a note, however, the company is not sharing any details about that as of now. In a small note, Google explains, \u201cAccess to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven\u2019t yet fixed.\u201d<\/span><\/p><\/blockquote>\n

Chrome version 81.0.4044.113 is rolling out now for Windows, Mac, and Linux. Check your version of Chrome this way:<\/span><\/p>\n

    \n
  1. Click the 3 vertical dots in the top-right corner of Chrome<\/span><\/li>\n
  2. Click on “Help” “About Google Chrome”<\/span><\/span>\"Cloudeight<\/li>\n
  3. You’ll see your current version of Chrome. If you are running version 81.0.4044.113 (or newer if you’re reading this at a future date) it will say your versions of Chrome is up to date.<\/span>\n

    \"Cloudeight<\/p>\n

    <\/span><\/li>\n

  4. If you’re not running the new version of Chrome it’s important that you update immediately.<\/span><\/strong><\/em><\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"

        New Critical Security Bug in Chrome – Update Now\u00a0 Google has issued a security warning for all users of its Chrome web browser. A new update for Chrome — version 81.0.4044.113 \u2014 is rolling out for Windows, Android, and Linux devices. According to Google’s Chrome Releases Blog: “…Security Fixes and Rewards Note: Access to bug details\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":11123,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[101,2574,2479,1656,779,10],"tags":[392,3883,14,2440],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/19182"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=19182"}],"version-history":[{"count":2,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/19182\/revisions"}],"predecessor-version":[{"id":19184,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/19182\/revisions\/19184"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media\/11123"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=19182"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=19182"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=19182"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}