Friday, 28 October 2022

Want to protect yourself? Install Chrome 107 now

Google is rolling out Version 107 of its Chrome browser which adds a variety of under-the-hood additions and makes some important tweaks to better protect you on the internet.

Because of the 14 individual security fixes included in Chrome 107, we strongly recommend that you download the update as soon as it’s available to you. The most important one revolves around a zero-day vulnerability called CVE-2022-3723. It's  a Type Confusion flaw affecting Chrome’s V8 JavaScript engine. As it’s described by cybersecurity company Avertium, the flaw allows bad actors to “trick” the browser into running malware and making users think it’s legitimate data. 

Avertium states that while Chrome V8 engine attacks are uncommon, they are among the most dangerous. And it appears this is the third time Google has patched a Type Confusion bug this year. One occurred back in March and the other in April

As for the rest of the security patch, things aren’t as severe. You see fixes for data validation and for browser extensions. But considering there are billions of Chrome users, there are a lot of avenues for bad actors to use. We repeat: update the browser.

New tools

The rest of the update is more focused on future-proofing Chrome. HEVC (High Efficient Video Coding) is now partially supported on the browser. Also known as H.265, HEVC is a codec that more efficiently compresses files to speed up download times. It's more commonly seen on electronic devices. With this update, Chrome joins Safari and Microsoft Edge as the only major web browsers with HEVC support.

Video conferencing tools are also seeing a few changes to make them more user-friendly. Developers of these tools can now include a button allowing people to switch between tabs whenever they’re screen sharing. It’s essentially a type of hotkey to save you from having to dig through a mass of tabs. Chrome 107 will also alert you if you share the same tab that you’re video conferencing from. Doing so causes a “hall of mirrors” effect, according to the patch notes.

Other reports claim additional features are present in the update, but we couldn’t find them. Android Police states Chrome now has the ability to import passwords from an external password manager or other browsers. And apparently, the media picker for Chrome 107 on Android has been updated. We reached out to Google to see if this is true, as well as if there are other hidden features. This story will be updated if we hear back.

Availability

You can download the update by going to "About Google Chrome" in the browser menu to automatically install it. Despite the slew of security fixes in the update, Google still has its work cut out. Recent reports claim that 300 new security vulnerabilities were discovered in Chrome this year alone. It’s possible there could be another high-severity Type Confusion bug in there waiting to be discovered. 

We recommend being proactive in this case. To better protect yourself, check out TechRadar’s best internet security suites for 2022.

https://ift.tt/jok0zXu

No comments:

Post a Comment