Bad news, just like every other browser, Google Chrome too has security flaws. Created as a secure browser with tons of security features, this popular browser comes with a history of security problems. This year, Chrome has been into news headlines not for its security updates but for a zero-day vulnerability. In the last three months, 3 zero-day flaws have been discovered, and this is not a good sign.
That said, is it safe to trust Chrome? or should we even use it?
To help users make a better decision and know what’s going on, here’s the history of Chrome’s security problems and how one can stay safe.
Third Zero-Day Flaw
Classified as CVE -2021-30551, and known as “type confusion in V8,” this latest zero-day threat is related to Windows and was discovered last week. The detected susceptibility is related to the open-source JavaScript rendering engine that Chrome and other browsers like Vivaldi, Opera, Brave, and Microsoft Edge based on Chromium use.
To fix this loophole that can be exploited by hackers, Google has released its new version Chrome 91.0.4472.101 for Mac, Windows, Linux. Declared by Google this new version of Chrome will fix 14 security issues that were a threat to browsing, including a zero-day flaw which is tracked as CVE -2021-30551.
In addition, Shane Huntley- Director of Google’s Threat Analysis Group acknowledged on Twitter that the flaw is motivated by the same actor that caused CVE-2021-33742. It is a remote code execution error in Windows MSHTML tenets which was revealed by Microsoft on June 8.
Chrome in-the-wild vulnerability CVE-2021-30551 patched today was also from the same actor and targeting.
Thanks to Chrome team for also patching within 7 days.https://t.co/1RDbbuiBfY https://t.co/Ap9dEq98Cy— Shane Huntley (@ShaneHuntley) June 9, 2021
Moreover, a security alert is being issued by The Government Computer Emergency Response Team Hong-Kong which says “Users of affected systems should update the Google Chrome to version 90.0.4430.85 to address the issue,”. Therefore it is highly recommended to the users to update the Chrome browser on their computer as soon as possible on whichever platform they use Chrome like Mac, Microsoft, or Linux.
Also Read: How To Manage Chrome Extensions: A Quick Guide
How to Update Google Chrome?
Google Chrome will be updated automatically in the computers that alleviate this error. But if you want to update it manually please follow the steps: –
- Open Google Chrome > Go to Settings > Help > About Google Chrome.
- If you are not using Chrome 91 it will automatically start updating
- You will then see the percentage of update being installed
- Once this is done, hit Relaunch to apply updates
- Afterward, to check if Chrome is updated, click the three dots > Help > About Chrome. You will be able to see the latest version as shown in the image below.
Security Flaws – In the History Of Google Chrome
The zero-day flaws is not a new case that Google has encountered. There have been many instances reported in this year where such flaws were detected in Chrome like: –
As reported by Mattias Buelens on January 24, this flaw gave access to a remote attacker to exploit heap corruption via HTML-crafted pages.
- CVE-2021-21191
Discovered in WebRTC (Web real-time communication), this was a flaw related to an open-source project that gave fascinating communication facilities like chat, video, the voice on web browsers and mobile applications.
- CVE-2021-21192
It was a high-risk heap-buffer overflow error reported by Abdulrahman Alqabandi.
Considered critical, this security flaw was ranked 8.8 out of 10 on the CVSS vulnerability rating scale. As per the IBM X-Force vulnerability report- The flaw could allow a remote attacker to execute arbitrary code or cause a denial-of-service on the system.
All this clearly shows Chrome is plagued with security issues. Whatever the company says or does in the name of security, the fact Chrome is under attack cannot be changed. If you are worried about privacy, it’s time to switch and try using browsers like DuckDuckGo, Tor, and others. These secure browsers have fewer possibilities of getting attacked by such vulnerabilities. Based on my experience I would recommend using Safari which is very secure but it is only for Mac. Therefore, if you are a Windows user, you can give DuckDuckGo a try.
We hope this information has been an eye-opener for you. What do you think about Google Chrome concerning vulnerability? Do you think it is safe and we should use it? Or you would start using some other browser.
Share your thoughts about the same in the comments box below.
Our Verdict: –
There have been several zero-day threats in the past which Google has acknowledged. Google claims they have a trusted team of engineers who continuously monitor them and eradicate such vulnerabilities to provide a solution before they could expand.
But after so many reported issues which are very severe for the users now it is time to think if Google Chrome is the only solution left for browsing. Users have a wide range of browsers to choose from for net surfing. We recommend you change the browser because so many reported issues have developed the fear in users that their data can be compromised.
But till the time you decide which browser to use please install this new update by Google Chrome in no time to be on a safer side. Install new updates manually because the automatic installation may take some time.
If you find this article useful then let us know in the comment section and also let us know which browser suits you the best for surfing which has lesser flaws.
Next to Read:
How To Install Tor Chrome Extension And Enjoy Private Browsing Mode
Solved – Google Chrome Opens On Startup In Windows 10 PC
How to Fix "Virus Scan Failed” Error In Chrome
Leave a Reply