While you can manually check for updates by clicking on the three-dot menu, opening Settings and then going to About Chrome, Google also uses a color-coded warning system to let you know when new updates for its browser are available. Security researchers have linked the vulnerability, which was given a maximum 10/10 severity rating, to the zero-click iMessage exploit chain, named BLASTPASS, used to deploy the NSO Group’s Pegasus spyware on compromised iPhones.Just like with the recent zero-day flaws patched by Apple, the most important thing you can do to stay safe in this situation is to update Chrome to the latest version as soon as the update arrives in your browser. This reclassification has ramifications for numerous and popular apps using libwebp, which includes 1Password, Firefox, Microsoft Edge, Safari and Signal. This vulnerability was initially misidentified as a Chrome vulnerability, but Google has since assigned it to the open source libwebp library used to encode and decode images in WebP format. The release of an emergency patch for Chrome comes just weeks after Google fixed another actively exploited zero-day that was discovered by Apple’s Security Engineering and Architecture (SEAR) team and Citizen Lab, a digital rights organization at The University of Toronto that has investigated spyware for more than a decade. Predator is a spyware developed by Cytrox, a controversial commercial spyware vendor, that can steal the contents of a victim’s phone once installed. Just last week, Google TAG revealed that three zero-days recently patched by Apple were pushed out to block an exploit used to plant the Predator spyware on the phone of an Egyptian presidential candidate.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |