Jump directly to the content

GOOGLE is alerting users to a "high-severity" security flaw that could leave them defenseless against hackers.

A new update patches four bugs in the Chrome web browser - and a string of 11 digits could be a sign you're still at risk.

Google has issued an urgent fix for four known security flaws in Chrome, and an 11-digit code
3
Google has issued an urgent fix for four known security flaws in Chrome, and an 11-digit codeCredit: Getty

Chrome has become a common target for attackers. It is used by nearly 3.5 billion people, making it one of the most popular browsers in the world.

The latest update, August 28, fixes four vulnerabilities in the desktop version of the browser.

Of these, two are flaws in Google's open-source Javascript engine, V8. V8 powers Chrome and is an especially attractive target for attackers, as flaws provide hackers an easy way to deliver malware.

The two other exploits fall under the category of heap buffer overflows.

READ MORE ON GOOGLE CHROME

This type of bug affects Skia, the graphics library used to render images in Chrome. A remote attacker can use the loophole to execute unauthorized code or access users' sensitive data.

Google says its engineers have patched the issues and encourages users to check their browser's version number.

The Stable channel has been updated to 128.0.6613.113/.114 for Windows and Mac and 128.0.6613.113 for Linux.

This channel is fully tested by the Chrome test team, so it is considered the best options for users who want to protect themselves online.

The Stable channel receives updates every two to three weeks for minor releases and every four weeks for major releases.

Meanwhile, the Extended stable channel has been updated to version 128.0.6613.114 for Windows and Mac.

Google Chrome owners can make single click to stay safe – but beware ‘red alert’

Users on the Extended stable channel get feature updates less frequently, but still receive security fixes.

It's updated every two to three weeks for minor releases and every six weeks for major releases.

To check what version of Chrome you're using, launch the browser and click the three dots in the top right corner of the screen.

Hover over Help and click About Google Chrome. The telltale digits will be listed below the browser name in the new window that opens.

If updates are available, you can click Relaunch to restart Chrome and install them.

Users should check Chrome to ensure it is updated to the latest version, which includes patches for vulnerabilities that allow hackers to snoop on their activity
3
Users should check Chrome to ensure it is updated to the latest version, which includes patches for vulnerabilities that allow hackers to snoop on their activity

Google reports the latest changes are expected to roll out in the coming days, though the exact timeline is unclear.

Despite its best efforts, the firm isn't always fast enough to catch cybercriminals.

In January, the company confirmed the first exploit of 2024 for a zero-day vulnerability and issued an urgent fix.

A zero-day vulnerability is a security flaw that a hacker exploits before it can be resolved.

The tech behemoth found another crack in Chrome's code in May, marking the fourth zero-day exploit of the year.

Google identified 97 zero-day vulnerabilities last year, or security flaws that hackers exploit before they are patched. These most commonly serve as an avenue for spyware
3
Google identified 97 zero-day vulnerabilities last year, or security flaws that hackers exploit before they are patched. These most commonly serve as an avenue for spywareCredit: Getty

And it seems hackers are only getting better at finding security flaws.

A 2023 report identified 97 zero-day vulnerabilities, marking a 50% spike from the previous year. Eight of the zero-days targeted Chrome.

READ MORE SUN STORIES

Spyware vendors were behind a whopping 75% of known zero-day exploits targeting Google services and Android devices last year.

As the name indicates, spyware covertly gathers data from a device and sends it to third parties without a user's permission.

How to keep your iPhone safe

While Apple's iPhone Operating System has a reputation of being safe, you could always take steps to be even safer. Here's what Mackenzie Tatananni, Science and Technology Reporter at The U.S. Sun, has to say.

One of the easiest ways to avoid being hacked is to download the latest software updates, which usually contain patches to fix vulnerabilities.

You can also keep your iPhone up to date with the most recent software by turning on automatic updates.

When searching for software, apps, or really anything to download onto your iPhone, only look to trusted sources.

The official App Store is just one example - applications in there have all been vetted by Apple as opposed to those from a third-party source.

You should also exercise caution when downloading text or email attachments.

Do not click on suspicious attachments or links if you haven't confirmed where they come from.

They can inject malware onto your phone or nab your personal information under the guise of being from a trusted source, like a bank or employer.

To take steps to protect your data from interception, refrain from connecting to public WiFi networks.

If you must, be sure to use a Virtual Private Network, or VPN - there are tons of options in the App Store.

Topics