![]() Update to Google Chrome v1.61as soon as you canĪs usual, the Forbes Straight Talking Cyber advice is to ensure that your smartphone is updated as soon as possible so that the vulnerability patches can be applied. Four of the others are in line for a monetary payment but the amounts have yet to be confirmed by Google. The solitary medium-severity vulnerability earned a $5,000 bounty payment. Of those that have been assigned ratings, three high-severity Chrome for Android security vulnerabilities saw bug bounty payments totalling $11,000 made to the security researchers who disclosed them. MORE FROM FORBES Google Chrome-Massive New Security Update For 3.2 Billion Users Confirmed By Davey Winder $11,000 awarded to security researchers in bug bounty payments The remainder, four in all, are wrapped up with a 'various fixes' from ongoing internal security work that have not been given CVE numbers. Of these, eight have been assigned Common Vulnerabilities and Exposures (CVE) severity ratings of high, with one getting a medium scoring. In a Chrome update confirmation published 9 May, Google has revealed no less than 13 security fixes. This latest security warning is directed solely at smartphone users for a change. Windows, Linux and Mac users of the Google Chrome browser can breathe easy for the moment. Click on this and select Help|About Opera. Instead of looking top right as with most browsers, Opera users need to head to the Opera 'O' logo top left. This will automatically start the update checking, download and installation process. Head to 'About Brave' from the burger stack menu top right. Once downloaded and installed, as always, close all tabs and restart your browser. Head to Help and feedback|About Microsoft Edge from the three dot menu top right and if an update is available this will force the process to start. Head for the Help|About option in your Google Chrome menu, and if the update is available, it will automatically start downloading. How to update the Google Chrome browser (Desktop) ![]() I doubt that will happen, not least as the browser market is such a competitive one, but delays measured in terms of days between security updates for the same vulnerabilities is never going to get my vote in pure-security effectiveness terms. A coordinated disclosure between vendors, with security updates scheduled for simultaneous release, would seem to be the ideal solution. While all Chromium-based browsers are different in that they wrap all sorts of proprietary components around the base code, there must be a better way of doing this. Indeed, Chrome itself has a massively greater userbase across both consumer and business profiles with an estimated 3.2 billion users in total. ![]() That said, what I don't get is why the likes of Brave and Opera, albeit with smaller userbases and fewer business-critical users, can act with much greater haste. The latest May Patch Tuesday update has caused authentication failures for multiple business users and an out-of-band update to the original update is expected soon. You only have to look at the situation with the latest Patch Tuesday rollout of security updates for Windows users to see evidence of what can go wrong. I get that Microsoft needs to ensure that any fixes it applies are safe to use across a broad userbase. As with all Chromium-based browsers, downloading and installing the update is not enough on its own you must restart the browser before it can be initiated and start protecting you from potential danger. ![]() In the meantime, however, I suggest you follow the instructions as detailed below in order to keep tabs (no pun intended) on the arrival of the security fix. The Microsoft press office assures me they will look into this for me, so I hope to be able to update you with an answer in due course. I have reached out to Microsoft to ask what the reasons are for this delay and, indeed, why Microsoft Edge users always seem to have to wait longer than Chrome, Brave or Opera users to be protected from known vulnerabilities. We are actively working on releasing a security fix." A May 10 posting states: "Microsoft is aware of the recent Chromium security fixes. It's not as if Microsoft is unaware of the vulnerabilities, of course, and a quick check of the Microsoft Edge security updates release notes confirms this. At the time of writing, and I've been checking on an hourly basis today, some 48 hours after the Google Chrome update was announced, Edge users still cannot update the security of their browser. Which brings me to the not so good news for users of the world's second most popular desktop browser, Microsoft Edge.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |