A high-severity security flaw was recently discovered in Chrome browsers.
If you haven’t updated your Chrome browser recently, do it now.
Check your Chrome version by going to menu > about.
If your version of Chrome is below 51.0.2704.63, then you need to update Google Chrome now. Right now.
Did you update and restart? Good, now onto the article.
A PDF flaw hops the Google Chrome security fence
A high-threat flaw was recently found and patched. Basically, it was a glitch within the Chrome browser’s built-in PDF reader. An attacker could execute code on the affected user’s computer simply by having them open a PDF document. The PDF document would contain a malicious image, which contained hidden code that would run as soon as the user opened up the PDF document. Researches at Cisco Talos identified this as a high-severity threat.
Cisco Talos recently wrote on their blog: “The most effective attack vector is for the threat actor to place a malicious PDF file on a website and then redirect victims to the website using either phishing emails or even malvertising.”
PDF problems are nothing new to Google Chrome
PDF attacks are nothing new. Browsers would usually require a plugin that you’d have to download separately in order to view the PDF. Now, most browsers have built-in PDF readers (such as Google Chrome), and this makes opening and reading PDF documents a snap. No downloads. No extra plugins. Open it straight within the browser. However, just because it opens up within the browser doesn’t mean it’s safe, as Chrome is a perfect example. Users still need to be extra cautious and careful opening up any type of PDF document downloaded or received. For example, your employer may have you open something up, but little do they know it’s been affected by malicious code. That PDF documents gets spread around from PC to Mac to PC like a virus. Now, the entire workplace is just a huge botnet. Wow.
Update Chrome for the highest security
Google Chrome has automatic built-in updating for both PC and Mac users. This means that if you’re running Chrome web browser, you already have the latest version downloaded (probably), but not installed. You need to restart your browser for it to take full effect. If Chrome hasn’t downloaded the newest version, you can force it by clicking on the menu, then clicking about Chrome, then clicking on update. Chrome will the download the newest version if one is available.
Make sure you restart Google Chrome to keep your security up
Most people shut off their computer, especially on a desktop, and Chrome will restart on next launch. However, laptop users may not restart their computer, but rather put it into hibernate mode and thus Chrome doesn’t restart. It’s important to close Chrome and then restart it so it can update Chrome to the newest version to fix security bugs, patch issues, and make other improvements, changes, or updates.
Cisco Talos writes: “It is fairly easy for an attacker to take advantage of this vulnerability.” Attackers of this method could inject code into your computer to make it execute whatever command with or without you knowing.”
Be sure to always keep updated to the newest version. And close Chrome to restart it. Keep up to date.