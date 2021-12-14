



Chrome users have already experienced record levels of attack in 2021, and Google is now issuing another critical security warning to 2 billion users.

Google confirms Chrome’s 16th zero-day hack in 2021 and rates threat levels as critical

More Information from Forbes, Light Rocket via Getty Images Microsoft Launches Privacy, Security, Trust Attacks on Chrome Browser By Gordon Kelly

Google confirmed the news in a new blog post, revealing that Chrome was the victim of the 16th zero-day attack this year. A zero-day vulnerability is when a hacker discovers a security flaw before a fix is ​​released. This is the most dangerous type of hack and will affect all Windows, Mac, and Linux users. Google also revealed that it has discovered four more high-threat-level vulnerabilities. Today, Chrome has a strong user base of 2 billion and needs immediate action.

To buy time for Chrome users, Google is currently limiting information about all new attacks, but reveals where the browser is vulnerable and is extremely dangerous with the latest zero-day hacking threat levels. I am evaluating it.

Important-CVE-2021-4098: Insufficient data validation on Mojo. Google Project Zero’s Sergei Glazunov reports to 2021-10-26 High-CVE-2021-4099: Free to use with Swiftshader. Solita’s Aki Helin reports to 2021-11-16 High-CVE-2021-4100: ANGLE object lifecycle issue. 2021-11-19 High Report by Aki Helin of Solita-CVE-2021-4101: Heap buffer overflow on Swiftshader. Reported by Abraluddin Khan and Omair at 2021-10-21 High-CVE-2021-4102: Used after being released in V8. Reported anonymously on 2021-12-09

The big news is that Chrome’s 16th zero-day hack doesn’t follow the previously established popular attack routes. It’s also important that Mojo is a component of Chromium. This means that other Chrome-based browsers such as Microsoft Edge, Amazon Silk, Brave, Opera and Samsung Internet may also be affected.

Elsewhere, the pattern is predictable. The Use-After-Free (UAF) exploit has been the majority of Chrome attacks these days, with nearly 40 vulnerabilities using this method since September. A UAF vulnerability is a memory exploit that occurs when a pointer to memory cannot be cleared after a program has been released.

Heap buffer overflow flaws are still a popular attack route. Memory on the heap, also known as heap smashing, is dynamically allocated and usually contains program data. Overflows can overwrite critical data structures, making them an ideal target for hackers.

Good news? Chrome is currently suffering from the 16th zero-day vulnerability, but the last one is back in October, and we’ve seen remarkable progress by Google and its security partners in recent months.

What to do

In response to these threats, Google has released a new version of Chrome, 96.0.4664.110. Google warns that this will be rolled out over the next few days or weeks. This means that you may not be able to protect yourself immediately.

To check if it is protected[設定]>[ヘルプ]>[GoogleChromeについて]Go to. If your Chrome browser says 96.0.4664.110 or later, it’s safe. If updates are not yet available in your browser, it is important to check for new versions on a regular basis. Remember to restart your browser once it has been updated, as it will not be protected until this happens. This is an important step that makes millions of users forget and vulnerable to attack.

For your safety, you need to restart Chrome after the update

Google

If more motivation is needed, in July Google confirmed that browser hacking was successful by mid-2021 rather than by 2020 as a whole. The number continues to grow, so the next thing to do is check your browser version. Do it now.

