Science

Update Google Chrome immediately: Hackers could hijack your computer using a flaw in the browser


Update Google Chrome NOW: Hackers could hijack your computer using a flaw in the browser that lets them install malware without you knowing

  • Google tells users to update the browser immediately due to a disruptive bug
  • The bug is more dangerous as it targets Chrome directly not third party apps 
  • One bug was fixed but Google won’t reveal the full effect of the loophole yet 
  • Users must also actively reboot their computers in order to expel the flaw 

Google‘s lead security engineer has warned users to update Chrome immediately or risk having their system hijacked.

A security breach was uncovered by hackers on the desktop version of Chrome before the company had chance to spot the flaw.

The exploit relates to a part of Chrome called FileReader, which lets software built into websites access data stored on a user’s computer. 

Google has not released any further details on the bug, to avoid giving copycats information on how to find a workaround to their fix. 

Scroll down for video 

Google has warned users to update Chrome immediately if they don't want their system hijacked (stock image). A security risk known as 'CVE-2019-5786' was revealed by hackers and left browsers exposed while the company created an updated version Chrome with bug fixes

Google has warned users to update Chrome immediately if they don’t want their system hijacked (stock image). A security risk known as ‘CVE-2019-5786’ was revealed by hackers and left browsers exposed while the company created an updated version Chrome with bug fixes

The fact that Google didn’t detect the bug themselves meant that Chrome browsers were ‘actively under attack’ before a fix could be released.

Delays like this give hackers a head start and leave users’ systems vulnerable before an update is installed.

Experts say that the bug may have let hackers hijack computers remotely.

Google‘s lead security engineer Justin Schuh writing on Twitter, warned users: ‘Seriously update your Chrome installs… like right this minute.’   

Mr Schuh added that unlike previous bugs found in Chrome which have targeted third-party software linked to the browser, this bug targeted Chrome code directly. 

He said it is worth alerting users more publicly as the fix requires them to take the extra step of manually restarting the browser after the update to nullify the exploit had been downloaded. 

Users can update their version of Chrome by selecting the Help option from the browser’s menu bar and then the About Google Chrome option.  

A security breach was uncovered by hackers before Google realised, which means browsers were exposed before the firm managed to create an update with fixes (stock). The update take less than a minute to install and using an old version could allow a malware attack

A security breach was uncovered by hackers before Google realised, which means browsers were exposed before the firm managed to create an update with fixes (stock). The update take less than a minute to install and using an old version could allow a malware attack 

The search giant has been cagey about the specifics of the way the exploit works 

This is to prevent copycat hackers from using similar techniques to try and break into people’s accounts. 

‘Access to bug details and links may be kept restricted until a majority of users are updated with a fix’, Google said.

‘We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. ‘

Google frequently releases new versions of its browsers to fix bugs that make the system vulnerable to attacks. 

Most of the time, these are regularly made by Google before bugs are able to cause significant damage.

Chrome is the most commonly used web browser in the world, with more than two billion active users. 

HOW CAN YOU PROTECT YOUR INFORMATION ONLINE?

Because hackers are becoming more creative, security experts are warning that consumers need to take all possible measures to protect their identities (file photo)

Because hackers are becoming more creative, security experts are warning that consumers need to take all possible measures to protect their identities (file photo)

  1. Make your authentication process two-pronged whenever possible. You should choose this option on websites that offer it because when an identity-specific action is required on top of entering your password and username, it becomes significantly harder for fraudsters to access your information.
  2. Secure your phone. Avoiding public Wifi and installing a screen lock are simple steps that can hinder hackers. Some fraudsters have begun to immediately discount secure phones altogether. Installing anti-malware can also be beneficial.
  3. Subscribe to alerts. A number of institutions that provide financial services, credit card issuers included, offer customers the chance to be notified when they detect suspicious activity. Turn those notifications on to stay informed about credit card activity linked to your account.
  4. Be careful when issuing transactions online. Again, some institutions offer notifications to help with this, which will alert you when your card is used online. It might also be helpful to institute limits on amounts that can be spent with your card online. 



READ SOURCE

Leave a Reply

This website uses cookies. By continuing to use this site, you accept our use of cookies.