Google issued an urgent upgrade warning this past Friday to its billions of Chrome users around the world. A new zero-day high threat level hack has been found in Google Chrome
The warning was released on Google's official Chrome blog, revealing that Chrome on Windows, macOS and Linux is vulnerable to a new ‘zero-day’ hack (CVE-2022-1096). Microsoft also confirmed that the same zero-day hack affects its Edge browser.
Zero-day is the most dangerous form of attack because it means the vulnerability is known to hackers before Google or Microsoft could issue a fix. As the company admits, “Google is aware that an exploit for CVE-2022-1096 exists in the wild.” This means every Chrome user is vulnerable.
In response, Google has announced an emergency update for Chrome (99.0.4844.84) “for Windows, Mac and Linux which will roll out over the coming days/weeks”.
To check your browser version, navigate to Settings > Help > About Google Chrome — this will also force Chrome to check for updates. Note: you are not protected until you restart the browser.
Microsoft also confirms that it has released a fix for Edge based on the Chromium update that Google already launched for Chrome. To get it, follow these steps:
- In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
- Click on 'Help and Feedback'
- Click on 'About Microsoft Edge'
- Microsoft states that the patched version of Edge is 99.0.1150.553, so if your browser is showing a lower number then you are still vulnerable.
Stay on top of the latest headlines by subscribing to our weekly Reis Informatica Tech Tips Newsletter!