Cyber SafetyPress ReleaseThreat Detection & Defense

Google Chrome Browser Has a “High-Severity Vulnerability”

On Friday, 19 August 2022, the Singapore Computer Emergency Response Team (SingCERT) advised Google Chrome users to immediately install the latest security updates, following reports that hackers are exploiting a “high-severity vulnerability” flaw. While Google did not provide further information, the company has already released Chrome 104.0.5112.101 for Mac and Linux, and Chrome 104.0.5112.102/101 for Windows to address multiple vulnerabilities. (Source: Channel News Asia)
 
watchTowr commentary: “This vulnerability represents the fifth zero-day vulnerability this year that was discovered due to active exploitation, “in-the-wild.” Effectively, this vulnerability was only discovered because an attacker used it against a target, only then leading to the discovery.
 
While software vulnerabilities are normal, and are at this point par-for-the-course, it is a clear indication of the aggression and lengths that well-resourced adversaries are going to do to compromise their targets.
 
With Google Chrome zero-days being valued in some cases as high as USD $2.5m, the investment and cost/benefit ratio being employed by adversaries is worth noting—and a trend that is unlikely to change.
 
While this won’t be the last zero-day we see exploited in this manner, and not even the last we see for this year, it is clear that the aggression and persistence employed by well-resourced groups is only continuing.
 
Users are advised to follow the advice from experts like the Singapore Computer Emergency Response Team (SingCERT), and ensure that their systems are kept up-to-date with the latest patches.”

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *