JS not enabled U.S. issues alert after Google fixes major Chrome browser flaw - Daily Manchester
  • U.S. issues alert after Google fixes major Chrome browser flaw
U.S. issues alert after Google fixes major Chrome browser flaw

A breach can allow web pages to infect your computer with viruses.

The Infrastructure Security and Cybersecurity Agency issued an alert after Google released a security update to the Google Chrome browser that corrects a security breach deemed serious.


According to the agency and Google, there is already a code capable of exploiting the flaw circulating on the web. The vulnerability allows a website to modify the visitor’s system, installing viruses or making other changes. If the attack is combined with a failure in the operating system, the attacker is able to gain complete access to the system.


The update should arrive automatically, but it can also be manually installed by going to the three-point menu> Help> About Chrome in the browser.


The updated version, number 86.0.4240.183, fixes nine other vulnerabilities, but none is as serious as an existing problem in “V8”, the Chrome component responsible for processing JavaScript code.


In normal situations, JavaScript actions should remain confined to pages that contain the respective code. With this flaw, JavaScript can breach the isolation imposed by the browser and modify other aspects of the site besides the page itself.


The problem exists in Chrome for Windows, macOS and Linux.

Different failure on Android

Chrome for Android also received an update (version number 86.0.4240.185) to correct a different and specific flaw for the browser interface on that system.


According to Google, code also exists to exploit this vulnerability, which means that the update must be installed as soon as possible. It is possible that it has already been used in attacks, but details have not been reported.


On Android, updates are automatically installed by the Play Store app.

Leave a Reply

Your email address will not be published. Required fields are marked *