Nairobi News

US tech giant Google has issued a warning to its billions of users via its official chrome blog that there are multiple new high-level vulnerabilities in its browser, including one it deems ‘critical’.

Google has revealed that the high-level threat affects Chrome users on all major operating systems including Windows, macOS and Linux as they are vulnerable to a new ‘zero-day’ hack (CVE-2022-1096). 

According to Forbes, Zero-day is the most dangerous form of attack because it means the vulnerability is known to hackers before Google can issue a fix. The company admits that they are aware an exploit for CVE-2022-1096 exists, which means every Chrome user is vulnerable.

Google is currently restricting information about the exploit to buy time for Chrome users to upgrade. 

V8 is a Chrome component that is responsible for processing JavaScript, the engine at the heart of Chrome, and the hack tricks the browser into running a different type of (in this case, malicious) code. 

V8 attacks have been relatively rare in recent months, but they can be among the most dangerous if a hacker can create a successful exploit. Chrome’s latest zero-day hack (where hackers are known to exploit vulnerabilities before Google can patch them) is a V8 flaw.

Google is currently limiting information about the new hacks in an attempt to buy time for Chrome users to upgrade. To combat these new threats, Google has released Chrome 99.0.4844.74 which will be available for use in just a few days on Google Play Store.

All Chrome users, therefore, should go to Settings > Help > About Google Chrome. If your browser version on Linux, macOS, and Windows is listed as 98.0.4515.159 or higher, you’re safe. Otherwise, the About screen will prompt you to update and restart your browser.