So I Really Have to Update Chrome?

Feb 08, 2021

giphy (16)

 

....unless you want to be infected by something other than Covid. Somebody call the exterminators! 🐜

What it is

The zero-day in question is CVE-2021-21148, a "heap overflow" memory corruption bug in the V8 JavaScript engine. It was identified in the wild by security researcher Mattias Buelens. Not long after Mr. Buelens made this information public, Google's security team released information about government-sponsored cyber attacks from North Korea targeting members of the security community. Social engineering tactics lured researchers to blogs disguised as collaboration projects, only to exploit their browser zero-days and infect their machines.

Coincidence? Perhaps. Security researchers have raised their suspicion, but it remains to be seen what details Google will provide.

Why you should care

Any time an unpatched vulnerability is being exploited in the wild, the risk of data loss and cyber theft increases exponentially. With a hugely popular application like Chrome (who many are probably using right now to read this), it's wise to update bug fixes as soon as they are released. 

But what if I can't patch right now?

I'm glad you asked! In this situation, you're kinda stuck between a rock and a hard place, right? You're still a week out from your next patching cycle; heck, you may even have a bunch of machines that you just can't patch right now. So who do you call? 

PATCHBUSTERS!

Topia protects your applications' vulnerable memory space from any impersonation or injection attempts. So while you're waiting for the go-ahead to deploy those patches, Topia keeps a careful watch for any monkey business in your network—and shuts it down.

It's a nice way to lower your stress levels 😉

 

Photo by Alex Iby on Unsplash

Written by

Kent Weigle

Recent Posts

  • 1

    Three Important Steps for Your Vulnerability Remediation Process

    Kent Weigle July 12, 2021
  • 2

    Challenges with Traditional Vulnerability Scanners

    Kent Weigle July 10, 2021
  • 3

    Vulnerability Scanning: What Does It Entail?

    Kent Weigle July 09, 2021
  • 4

    To Patch or Not to Patch

    Kent Weigle June 30, 2021
  • 5

    Common Issues with Patch Management

    Kent Weigle June 30, 2021
last_chanse_04.png

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial