So I Really Have to Update Chrome?

Feb 15, 2021

giphy (16)

 

....unless you want to be infected by something other than Covid. Somebody call the exterminators! 🐜

What it is

The zero-day in question is CVE-2021-21148, a "heap overflow" memory corruption bug in the V8 JavaScript engine. It was identified in the wild by security researcher Mattias Buelens. Not long after Mr. Buelens made this information public, Google's security team released information about government-sponsored cyber attacks from North Korea targeting members of the security community. Social engineering tactics lured researchers to blogs disguised as collaboration projects, only to exploit their browser zero-days and infect their machines.

Coincidence? Perhaps. Security researchers have raised their suspicion, but it remains to be seen what details Google will provide.

Why you should care

Any time an unpatched vulnerability is being exploited in the wild, the risk of data loss and cyber theft increases exponentially. With a hugely popular application like Chrome (who many are probably using right now to read this), it's wise to update bug fixes as soon as they are released. 

But what if I can't patch right now?

I'm glad you asked! In this situation, you're kinda stuck between a rock and a hard place, right? You're still a week out from your next patching cycle; heck, you may even have a bunch of machines that you just can't patch right now. So who do you call? 

PATCHBUSTERS!

Topia protects your applications' vulnerable memory space from any impersonation or injection attempts. So while you're waiting for the go-ahead to deploy those patches, Topia keeps a careful watch for any monkey business in your network—and shuts it down.

It's a nice way to lower your stress levels 😉

 

Photo by Alex Iby on Unsplash

Tags

  • #vicarius_blog

users/photos/ckzu2qthc003w0jnd2nqodctm.jpg

Written by

Kent Weigle

Recent Posts

  • 1

    CISAnalysis - September 30, 2022

    Evan Kling September 30, 2022
  • 2

    Not So Fast: Analyzing the FastCompany Hack

    John Kilhefner September 29, 2022
  • 3

    How to test application with ZAP - Part Two

    Jenny R September 28, 2022
  • 4

    How to test application with ZAP - Part One

    Jenny R September 28, 2022
  • 5

    The World's Worst Hackers Have Flags

    Paul Lighter September 27, 2022
last_chanse_02.png

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial