So I Really Have to Update Chrome?

Feb 08, 2021

giphy (16)

 

....unless you want to be infected by something other than Covid. Somebody call the exterminators! 🐜

What it is

The zero-day in question is CVE-2021-21148, a "heap overflow" memory corruption bug in the V8 JavaScript engine. It was identified in the wild by security researcher Mattias Buelens. Not long after Mr. Buelens made this information public, Google's security team released information about government-sponsored cyber attacks from North Korea targeting members of the security community. Social engineering tactics lured researchers to blogs disguised as collaboration projects, only to exploit their browser zero-days and infect their machines.

Coincidence? Perhaps. Security researchers have raised their suspicion, but it remains to be seen what details Google will provide.

Why you should care

Any time an unpatched vulnerability is being exploited in the wild, the risk of data loss and cyber theft increases exponentially. With a hugely popular application like Chrome (who many are probably using right now to read this), it's wise to update bug fixes as soon as they are released. 

But what if I can't patch right now?

I'm glad you asked! In this situation, you're kinda stuck between a rock and a hard place, right? You're still a week out from your next patching cycle; heck, you may even have a bunch of machines that you just can't patch right now. So who do you call? 

PATCHBUSTERS!

Topia protects your applications' vulnerable memory space from any impersonation or injection attempts. So while you're waiting for the go-ahead to deploy those patches, Topia keeps a careful watch for any monkey business in your network—and shuts it down.

It's a nice way to lower your stress levels 😉

 

Photo by Alex Iby on Unsplash

Written by

Kent Weigle

Recent Posts

  • 1

    Vulnerability Remediation Guidelines

    Kent Weigle October 14, 2021
  • 2

    What is Vulnerability Remediation?

    Kent Weigle October 08, 2021
  • 3

    Average Time to Remediation Hits 205 Days

    Kent Weigle August 12, 2021
  • 4

    Vulnerability Management: What You Need To Know

    Kent Weigle July 12, 2021
  • 5

    Vicarius Records Signs Underground Sensation Lil CISO

    Kent Weigle July 28, 2021
last_chanse_02.png

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial
    CVE Invaders
    cta_cve_06_28px.gif