• The browser is your operating system – patch it!

    Tonight’s topic is …. are you up to date on the platform that is REALLY the one you should be worried about?  Your browser.  No matter what underlying operating system you use, you really need to pay attention to how patched your Browser is.

    With more and more things going to the web, with more and more things going through the web, it’s the browser that is the most important software to keep up to date.  And lately I’ve noticed that the one that gets the zero days most often is Google Chrome.  Don’t use Chrome, you say?  Not so fast. Much of the time the other platforms browsers are built on the Chromium engine and thus (for example) you may be using Brave browser but you still need to be aware of the issues as Brave is built on the Chromium engine.

    So which browsers use Chromium?

    • Chrome obviously.
    • Edge
    • Opera
    • Vivaldi
    • Brave
    • Colibri
    • Epic
    • Iron
    • Among others

    For Chrome you need to be on 99.0.4844.84 to be protected from this zero day bug that has been seen in use in attacks on the web.

    There are not a lot of details about who or what was using the bug but it appears that it was used in targeted attacks.

    While Firefox (and it’s versions) are not impacted, it’s still wise to check and make sure you are fully up to date. At this time you need to be on 98.0.2 for Firefox.

    For all of these browsers you can check if you are up to date by clicking on the help menu or about menu and that usually triggers them to download a new update if they are out of date. Alternatively you can go to their direct download site and download a new version and install over the top.

    For those of you that are Plus members I’ve put the versions or build numbers of the major Browsers on the Master patch listing that you need to be sure you are up to date on.  I’m not sure I’ll be able to keep up with every release of every browser, but for sure when there is a patch like this that is fixing a known in the wild and what appears to me to be a realistic risk of attack, I’ll be sure to flag it and also send out a tweet and a text message if you need to update your browser for known in the wild attacks.

    So remember, tonight or in the morning, launch your browser, click on (typically) the dot dot dot in the menu bar at the top, then on help and about.

    Make sure your browser is fully patched!