Contact Info

Atlas Cloud LLC 600 Cleveland Street Suite 348 Clearwater, FL 33755 USA

support@dedirock.com

Client Area
Recommended Services
Supported Scripts
WordPress
Hubspot
Joomla
Drupal
Wix
Shopify
Magento
Typeo3

Update your Google Chrome now, as hackers have discovered four new security vulnerabilities.

Update, Sept. 28, 2024: This article, initially published on Sept. 27, now includes information regarding the ChromeLoader threat campaign affecting browsers.

The 3.45 billion users of the Chrome browser are likely feeling perplexed this month, facing not one but two significant security updates within just 10 days. It seems that only those using Chrome on iOS have been spared from hackers’ attention this time; although the iOS version has been updated, no security alerts have been issued. In contrast, users of Chrome on Windows, Linux, Mac, and Android platforms are dealing with four confirmed high-severity security vulnerabilities. Here’s what you need to know and do.

It’s not particularly surprising when Google rolls out a security update for Chrome; given its status as a leading browser, it naturally attracts attention from malicious entities. However, it is unusual to see two updates, each addressing various vulnerabilities, released within just a span of 10 days. The most recent security update, which tackled six vulnerabilities with one rated high, was issued on Sept. 17. In light of the fact that all four vulnerabilities in the latest update are rated as high, users across all operating systems, except iOS, are strongly encouraged to update immediately.

A recent stable channel update has been issued for desktop users of the Chrome web browser, alongside another release for those using the Android platform. This update introduces Chrome browser version 129.0.6668.70/.71 for Windows and Mac, 129.0.6668.70 for Linux, and 129.0.6668.70 for Android users.

As per standard procedures, the update will begin rolling out over the next few days, and detailed information about the identified vulnerabilities will not be disclosed to the public until a significant number of Chrome users have had the opportunity to update and ensure their security.

The security concerns addressed in this latest Chrome browser update, along with the information currently available, are as follows:

Users are encouraged to update the Google Chrome browser by navigating to the Help and About option in the menu. When an update is available, it will begin downloading automatically.

Update Chrome Now

It is crucial to restart your browser after implementing the security update; otherwise, the new security patches won’t protect you.

As highlighted in the recent HP Wolf security threat insights report for September 2024, threat actors are increasingly leveraging the ChromeLoader web browser malware in sophisticated and large-scale attacks. While ChromeLoader is not a novel threat, the current campaigns exhibit a “more polished” execution than those seen previously. The HP Wolf report cautions that attackers can effectively hijack browser sessions, redirecting users to malicious websites under their control. Recent ChromeLoader campaigns have prominently featured malicious advertising (malvertising) strategies aimed at deceiving unwitting victims into visiting sites that purport to offer free productivity tools, with PDF converter sites being a frequent target.

Notably, the increased polish of the ChromeLoader campaign includes the establishment of fake companies linked to counterfeit websites. This tactic allows attackers to utilize authentic code-signing certificates to disguise their malware as legitimate PDF software, enabling them to circumvent Windows security measures during installation while reducing the chances of detection by anti-malware solutions.

Google offers a support page that assists users in addressing unwanted advertisements and malware issues. Additionally, Malwarebytes has an extensive collection of information from 2022 related to ChromeLoader, including insights on how to eliminate it. It is advisable to explore the Malwarebytes forums for comprehensive information.

One Community. Many Voices. Create a free account to express your opinions.

Our community aims to connect individuals through open and engaging discussions. We encourage our audience to share their perspectives and exchange ideas and knowledge in a secure environment.

To facilitate this, we request that you adhere to the posting guidelines outlined in our site’s Terms of Service. To summarize, please maintain a civil tone in all interactions.

Your post may be declined if it appears to have content related to:

User accounts may be suspended if there is evidence or suspicion that users are participating in:

So, what steps can you take to become a power user?

Thank you for reviewing our community guidelines. For a complete overview of our posting rules, please refer to our site’s Terms of Service.


Welcome to DediRock, your trusted partner in high-performance hosting solutions. At DediRock, we specialize in providing dedicated servers, VPS hosting, and cloud services tailored to meet the unique needs of businesses and individuals alike. Our mission is to deliver reliable, scalable, and secure hosting solutions that empower our clients to achieve their digital goals. With a commitment to exceptional customer support, cutting-edge technology, and robust infrastructure, DediRock stands out as a leader in the hosting industry. Join us and experience the difference that dedicated service and unwavering reliability can make for your online presence. Launch our website.

Share this Post
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x