CyberSecOp.com

View Original

Chrome and Edge Should Be Updated Due to a Zero-Day Vulnerability

Google and Edge has released an update to remediate a critical zero-day chrome exploit. The zero-day is a weakness in Edge and Chrome's JavaScript engine that can be used by hackers to inject their code into your browser. Google explains for zero-day exploit CVE-2022-1096, first reported to the company by an anonymous tip on March 23. As part of our commitment to continuous support in security monitoring and enhancement we advise all clients to update to Chrome version 99.0.4844.84 and Microsoft Edge 99.0.1150.55 of as soon as possible.

DETAILS AND REMEDY FOR MICROSOFT AND GOOGLE

At this time Microsoft and Google won't provide much more information other than admitting there have already been attacks leveraging this zero-day weakness and keeping some information away from the public as a safety measure, stating that full details on how the exploit worked won't be made public until most users have the fix. Fortunately, this time Microsoft and Google was apparently able to issue a patch before the exploit became widely known.

Normally Chrome updates happen in the background when you close and reopen your computer's browser.

Microsoft issued its own notice and said the issue was fixed in Edge.

Please follow the steps below to ensure you have the latest version of Chrome.

Remediation Efforts

On your computer, open Chrome.

Author: Tanvir Ahmed