News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Google reveals Chrome zero-day under active attacks

    Home Forums Code Red – Security/Privacy advisories Google reveals Chrome zero-day under active attacks

    This topic contains 5 replies, has 5 voices, and was last updated by  Kirsty 7 months, 2 weeks ago.

    • Author
      Posts
    • #338390 Reply

      b
      AskWoody Plus

      Google Chrome users are advised to use the browser’s built-in update tool to trigger an update to 72.0.3626.121 version [released last Friday, March 1, 2019]. Users should do this right now, especially when the advice comes from Google Chrome’s security lead.
      Google reveals Chrome zero-day under active attacks

      Knuckle dragger Cannon fodder Chump Daft glutton Idiot Crazy/Ignorant Toxic drinker Blockhead Unwashed mass Seeker/Sucker "Ancient/Obsolete" (Group ASAP) Win10 v.1909

      5 users thanked author for this post.
    • #338581 Reply

      lylejk
      AskWoody Lounger

      Don’t use Chrome in particular but do use a browser that uses the Chromium engine.  And to think Microsoft soon wants Edge to use the Chromium engine too.  What a joke.   As for me, I’ll continue use double sandboxed protection.   It’s been protecting my systems for over a decade and without a hitch.   🙂

    • #338621 Reply

      anonymous

      Yeah I do not doubt C & C++ could be part of the problem, but people still type those code lines. 😉

    • #338726 Reply

      Kirsty
      Da Boss

      Put down the cat, coffee, beer pint, martini, whatever you’re holding, and make sure you’ve updated Chrome (unless you enjoy being hacked)
      Plus: Sandbox escape vuln in 32-bit Windows 7 boxes exploited

      By Shaun Nichols | 7 Mar 2019

       
      Updated If Google Chrome is bugging you to update it right now, please stop what you’re doing, and get that upgrade.

      Updated to add

      In a blog post today, Google has revealed a few more details, here. It also warns that it has discovered “a local privilege escalation in the Windows win32k.sys kernel driver that can be used as a security sandbox escape,” that primarily affects Windows 7. Security defenses in modern Windows editions block exploitation attempts.

      Google has spotted active attacks leveraging this privilege escalation flaw against 32-bit Windows 7 systems. Microsoft is still working on a patch for this bug, so stay tuned for an update soon. Or upgrade to Windows 10, ChromeOS, Linux… take your pick.

       
      Read the full article here

      1 user thanked author for this post.
      • #338732 Reply

        OscarCP
        AskWoody Plus

        Both in my PC and my Mac, Chrome is set to update automatically every time I use it, which is not every day, but occasionally, when visiting certain Web sites that “prefer” being contacted with it rather than with other browsers.

        Today, after I got an email about this problem (as I’m subscribed to the Forum where this thread is located) I started Chrome and checked the version it was running: it was already updated and running the new and safer version.

        Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W(?) + Mac&Lx

    • #338756 Reply

      Kirsty
      Da Boss

      Google Chrome users are advised to use the browser’s built-in update tool to trigger an update to 72.0.3626.121 version [released last Friday, March 1, 2019].


      Stable Channel Update for Chrome OS

      Tuesday, March 5, 2019
      The Stable channel has been updated to 72.0.3626.122 (Platform version: 11316.165.0) for most Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here, including a fix for CVE-2019-5786.

      1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Google reveals Chrome zero-day under active attacks

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.