Google’s lead security engineer has warned users to update Chrome immediately or risk having their system hijacked.
A security breach was uncovered by hackers on the desktop version of Chrome before the company had chance to spot the flaw.
The exploit relates to a part of Chrome called FileReader, which lets software built into websites access data stored on a user’s computer.
Google has not released any further details on the bug, to avoid giving copycats information on how to find a workaround to their fix.
The fact that Google didn’t detect the bug themselves meant that Chrome browsers were ‘actively under attack’ before a fix could be released.
Delays like this give hackers a head start and leave users’ systems vulnerable before an update is installed.
Experts say that the bug may have let hackers hijack computers remotely.
Google’s lead security engineer Justin Schuh writing on Twitter, warned users: ‘Seriously update your Chrome installs… like right this minute.’
Mr Schuh added that unlike previous bugs found in Chrome which have targeted third-party software linked to the browser, this bug targeted Chrome code directly.
He said it is worth alerting users more publicly as the fix requires them to take the extra step of manually restarting the browser after the update to nullify the exploit had been downloaded.
Users can update their version of Chrome by selecting the Help option from the browser’s menu bar and then the About Google Chrome option.
The search giant has been cagey about the specifics of the way the exploit works
This is to prevent copycat hackers from using similar techniques to try and break into people’s accounts.
‘Access to bug details and links may be kept restricted until a majority of users are updated with a fix’, Google said.
‘We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. ‘
Google frequently releases new versions of its browsers to fix bugs that make the system vulnerable to attacks.
Most of the time, these are regularly made by Google before bugs are able to cause significant damage.
Chrome is the most commonly used web browser in the world, with more than two billion active users.
END
Be the first to comment