Earlier this month, security researchers discovered a vulnerability in Chrome. The flaw is located in the web browser's Lens component, the visual search feature that analyzes images. This is a critical memory issue. In short, memory resources are not properly released after being used. This is a Use After Free (UAF) error, in which the program continues to use a freed block of memory.
A malicious HTML page
The vulnerability could allow an attacker to manipulate data in memory. To exploit the flaw, the attacker can use a malicious HTML page that they craft. They then have to convince the victim to search for information using images, translate text, or identify objects on a webpage with Google Lens. To achieve this, To exploit the flaw, the hacker who wants to use it would have to develop social engineering attacks.
Once Lens has been used, the attacker can exploit the flaw with the malicious page. This can force the Lens component to use the corrupted memory. Ultimately, the attacker can execute arbitrary code on the targeted system. The flaw can lead to the installation of a virus or data theft. It affects all versions of Chrome, whether on desktop or mobile. To date, there is no evidence that the flaw has been exploited in a cyberattack
Install the Google Chrome patch
Researchers quickly alerted Google to the existence of a flaw. The Mountain View giant corrected the situation by integrating a patch into Chrome update 134.0.6998.117/.118 for Windows and Mac, into update 134.0.6998.117 for Linux, and into firmware 134.0.6998.108 for Android. We obviously encourage you to install the update as soon as possible on your device. Google indicates that updates Updates will be rolled out over the coming days and weeks.
To install the update when it becomes available, simply open the browser and click on the three vertical dots in the top right corner. Select Help, then About Google Chrome. Chrome will automatically check if an update is available. If so, it will be downloaded and installed automatically. Once complete, click Relaunch to apply the update. Chrome update.
Source: Google
0 Comments