Hackers could hijack computers using a flaw
HACKERS uncovered a security breach on the desktop version of Google Chrome before the company had chance to spot the flaw. The bug is more dangerous as it targets Chrome directly. Users must also actively reboot their computers in order to expel the flaw.
Google tells users to update the browser immediately due to a disruptive bug which is not a third party apps.
This is why Google’s lead security engineer has warned users to update Chrome immediately or risk having their system hijacked.
A security risk known as ‘CVE-2019-5786’ was revealed by hackers and left browsers exposed while the company created an updated version Chrome with bug fixes.
The exploit relates to a part of Chrome called FileReader, which lets software built into websites access data stored on a user’s computer. Google has not released any further details on the bug, to avoid giving copycats information.
THE BUG LEAVES USERS’ SYSTEMS VULNERABLE
Google didn’t detect the bug themselves because Chrome browsers were ‘actively under attack’ before a fix could be released. Delays like this give hackers a head start and leave users’ systems vulnerable before an update is installed.
Specialists say that the bug may have let hackers hijack computers remotely.Google’s chief security engineer Justin Schuh writing on Twitter, warned users: ‘’Seriously update your Chrome installs… like right this minute.”
Schuh added that unlike previous bugs found in Chrome which have targeted third-party software linked to the browser, this bug targeted Chrome code directly. It is worth alerting users more publicly as the fix requires them to take the extra step of manually restarting the browser after the update to nullify the exploit had been downloaded.
HOW TO UPDATE CHROME
Users can update their version of Chrome by selecting the Help option from the browser’s menu bar and then the About Google Chrome option. Chrome is the most commonly used web browser in the world, with more than two billion active users. Google frequently releases new versions of its browsers to fix bugs that make the system vulnerable to attacks. Most of the time, these are regularly made by Google before bugs are able to cause significant damage.
‘Access to bug details and links may be kept restricted until a majority of users are updated with a fix’, Google said.’We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. ‘
The search giant has been guarded about the specifics of the way the exploit works. This is to prevent copycat hackers from using similar techniques to try and break into people’s accounts.
PUBLIC WIFI MUST BE AVOIDED
Avoiding public Wifi and installing a screen lock are simple steps that can hinder hackers. Some fraudsters have begun to immediately discount secure phones altogether. Installing anti-malware can also be beneficial.
Are you at risk? The answer is yes. If you’re online in a coffee shop, surfing away without much concern about security, you’re safe if everyone else online there is a nice person and just enjoying free Internet. (And quite honestly, that could often be the case.) Avoid using passwords. According to the experts, hackers can track useres’ keyboard activity and get passwords, even though they can’t actually see them. There are software programs to download designed to hide passwords (look for them online)— but it might be better to avoid activities where you’re using passwords to log-in to most sensitive or important accounts.
Google asks users to make their authentication process two-pronged whenever possible. Users should choose this option on websites that offer it because when an identity-specific action is required on top of entering password and username, it becomes significantly harder for hackers / fraudsters to access users’ information.
Google asks users to SECURE phone.
A number of institutions that provide financial services, credit card issuers included, offer customers the chance to be notified when they detect suspicious activity. Turn those notifications on to stay informed about credit card activity linked to your account.
Be cautious when issuing transactions online. Again, some institutions offer notifications to help with this, which will alert when your card is used online. It might also be helpful to institute limits on amounts that can be spent with your card online.
The browser is also the main component of Chrome OS, where it serves as the platform for web apps.
Most of Chrome’s source code comes from Google’s open-source Chromium project, but Chrome is licensed as proprietary freeware. WebKit was the original rendering engine, but Google eventually forked it to create the Blink engine; all Chrome variants except iOS now use Blink.
As of February 2019, StatCounter estimates that Chrome has a 62% worldwide browser market share across all platforms.
Chrome initially used the WebKit rendering engine to display web pages. In 2013, they forked the WebCore component to create their own layout engine Blink. Based on WebKit, Blink only uses WebKit’s “WebCore” components, while substituting other components, such as its own multi-process architecture, in place of WebKit’s native implementation.