Google Chrome has just received an update that fixes four security vulnerabilities, one of which is classified as “critical”. It allows malicious code to be executed remotely on the victims’ PCs and to take control of them, opening the way for all kinds of attacks. Users on Windows, Mac and Linux should install the latest update as soon as possible.
Google Chrome update fixes critical flaws’ class=’wp-image-15339′ data-lazy-sizes='(max-width: 840px) 100vw, 840px’ data-lazy-src=’https://verifiedtasks.com/wp-content/uploads/2020/02/google-chrome-update-fixes-critical-flaws.jpeg’ data-lazy-srcset=’https://verifiedtasks.com/wp-content/uploads/2020/02/google-chrome-update-fixes-critical-flaws.jpeg 840w, https://verifiedtasks.com/wp-content/uploads/2020/02/google-chrome-update-fixes-critical-flaws-300×188.jpeg 300w, https://verifiedtasks.com/wp-content/uploads/2020/02/google-chrome-update-fixes-critical-flaws-768×480.jpeg 768w, https://verifiedtasks.com/wp-content/uploads/2020/02/google-chrome-update-fixes-critical-flaws-800×500.jpeg 800w, https://verifiedtasks.com/wp-content/uploads/2020/02/google-chrome-update-fixes-critical-flaws-600×375.jpeg 600w, https://verifiedtasks.com/wp-content/uploads/2020/02/google-chrome-update-fixes-critical-flaws-696×435.jpeg 696w, https://verifiedtasks.com/wp-content/uploads/2020/02/google-chrome-update-fixes-critical-flaws-672×420.jpeg 672w’ height=’525′ src=’data:image/svg+xml,%3Csvg%20xmlns=’http://www.w3.org/2000/svg’%20viewBox=’0%200%20840%20525’%3E%3C/svg%3E’ width=’840’>
Google deployed Chrome 77 a few days ago and here is already the update 77.0.3865.90 which fixes several security flaws. The most severe one allows remote execution of arbitrary code on any computer running Windows, Mac or Linux. The attacker can install malware, view, modify or delete data, or even create new user accounts with administrator privileges.
Google Chrome Update 77.0.3865.90 fixes four security vulnerabilities, including one that is considered severe
To exploit the flaw deemed critical, the hacker simply traps his victim through a faulty web page The fault is all the more dangerous as it does not require any other action from the user. Vigilance is therefore not life-saving in this case and anyone could fall victim to it. As The Hacker News explains, a security researcher named Man Yue Mo has discovered two of the four patched vulnerabilities, including the most severe. Google offered him a reward of $40,000 for his discoveries.
The other two researchers who discovered the remaining flaws were also rewarded, but the amount was not specified. This is the second time that Google fixes major flaws in Chrome in less than a month. At the end of August, a vulnerability of practically the same nature had already been corrected with the 76.0.3809.132 update of the navigator. In both cases, only the Desktop versions are affected. For iOS or Android versions of Google Chrome no update is required.
Source : The Hacker News