[ad_1]
GOOGLE is warning users to remove Chrome for the second time this week as the search engine giant confirms “several high profile browser hijacks”.
Once again, the tech giant advised its 2.6 billion users to remove Chrome after posting a new blog post revealing four “high” vulnerabilities.
Google’s Threat Analysis Group (TAG) said hackers had “created malformed code signatures” that would be considered “valid by Windows” but could not be detected by OpenSSL code used in scanners of security.
TAG has discovered that the OpenSUpdater line of software uses this new technique.
Described as risky software, OpenSUpdater displays advertisements on victims’ browsers and then installs unwanted programs on their PCs.
Most of the targeted victims of OpenSUpdater attacks are US based users prone to download cracked games.
The latest warning comes after Google informed its users of a browser security flaw that hackers could exploit on Monday.
While Google has maintained that it is working hard to protect user safety, cyber experts say it’s time to put Chrome aside.
This year, the company revealed the latest in a series of security breaches in a September 24 blog post.
The post confirmed that the 11th Chrome zero-day exploit of the year has been found and has impacted Linux, macOS, and Windows users.
This classification means that hackers could use the flaw to their advantage before the tech giant can fix it – dramatically increasing the threat, Forbes reported.
Google is said to have kept details of the hack secret to protect users after internal employees discovered the flaw.
According to Forbes, this came to light just weeks after Google admitted to “accidentally” allowing secret tracking of millions of users.
At the heart of Google’s latest tracking problem is the rollout of a new Chrome API that detects and reports when a user is “inactive” or not actively using their device.
Google has defended the feature against reviews from security experts who say it can be easily used by malicious sites looking for sensitive information.
“This feature, which we expect to be used by only a small fraction of sites, requires the site to ask for user permission to access this data,” Google told Forbes.
“It was designed with privacy in mind and helps messaging apps send notifications only to the device the user is currently using.”
We pay for your stories!
Do you have a story for the US Sun team?
[ad_2]
Source link