Friday, March 31, 2023

It's all about technology

Google releases an emergency update to fix a critical vulnerability in Chrome

    Google has released an emergency security update for the desktop version of its Chrome web browser, with the aim of addressing an exposed vulnerability that was exploited in attacks this year.

    The highly critical vulnerability is being tracked with ID CVE-2022-4135, and it is for GPUs. It was discovered by Clement Lysine, an information security engineer working for Google’s Threat Analysis Group, on November 22.

    “Google knows that the CVE-2022-4135 vulnerability is being exploited in the industry,” Google said in the security update notice.

    Because users need time to apply the security update to their Chrome installations, Google has withheld details about the vulnerability to prevent its malicious exploitation from being expanded.

    The current buffer overflow vulnerability is said to be in GPU memory and causes data to be written to restricted, usually contiguous, locations without checking.

    Attackers may use a buffer overflow vulnerability to overwrite the application’s memory to manipulate the execution path, resulting in unrestricted access to information, or arbitrary code execution.

    Chrome browser users are advised to upgrade to version 107.0.5304.121/122 for Windows and version 107.0.5304.122 for Mac and Linux. This release corrects CVE-2022-4135.

    To update Chrome, the user must go to Settings, then “About Chrome”, then wait until the latest version of the browser is downloaded, then restart it.

    It should be noted that the new Chrome version 107.0.5304.121/122 patches the eighth vulnerability exposed this year, indicating the attackers’ increasing interest in the popular browser.

    As for the previous seven loopholes, they are:

    These vulnerabilities are usually taken advantage of by sophisticated hackers who use them in highly targeted attacks. However, all Chrome users are strongly advised to update their web browsers as soon as possible to prevent potential exploits.

    Get notified whenever we post something new!

    Continue reading

    Celebrities Refuse to Pay for Blue Check Verification on Twitter’s New Subscription Service

    On April 1, Twitter announced that it will remove blue checks from “legacy verified” users who don’t sign up for a Twitter Blue subscription, a move that is part of new owner Elon Musk’s plan to make Twitter profitable

    Amazon Enables T-Mobile Customers to Make Hands-Free Calls with Alexa-Enabled Devices

    Amazon has recently introduced a new feature that allows T-Mobile customers to use their Alexa-enabled devices, such as Echo Dot or Echo Show, to make or receive hands-free Wi-Fi call

    German Regulator Launches Antitrust Review of Microsoft’s Market Power

    The German regulator responsible for enforcing antitrust laws is investigating Microsoft's market power, a move that may result in an examination of the tech giant's business practices and potential bans if they are deemed to damage competition