Google Chrome hit by zero-day attack. Update it now.

ByCraig Haley

Those who use Google Chrome to surf the Internet are advised to ensure that they have the most up-to-date version of the browser installed after the discovery of a zero-day whereby attackers are exploiting a vulnerability in Chrome’s ability to handle special fonts.

First things first. What’s a zero-day exploit? Well, that’s a vulnerability in a piece of software that the bad guys found before the good guys. This usually means the bad guys are exploiting that vulnerability to attack users of that software before the developers of the software can rush out a security fix for the vulnerability.

The “zero-day” refers to the number of days the good guys had to fix a problem before it was being exploited by the bad guys. Since the bad guys found it first, the number of days is ZERO.


Sponsored Content. Continued below...




Exploiting vulnerabilities in software can often be a particularly effective way of launching an attack against a person. That’s because while most Internet scams rely on a user compromising their own security by making a poor security choice, vulnerabilities don’t really need a user to deviate all that much from general good security habits. In a worse case scenario, a user could, for example, merely visit a website to find themselves the victim of a malware attack.

In this instance, the vulnerability is affecting the Google Chrome browser, one of the most popular browsers used by the public right now. Google have already launched an update to fix the vulnerability; a vulnerability that took advantage of how the browser deals with special fonts, a feature that allows websites to display custom fonts to a visitor who may not have that particular font installed on their computer.


Sponsored Content. Continued below...




Not a great deal is known about how attackers are actively launching attacks through this vulnerability. That’s an intentional omission by Google, who naturally don’t want to tip off any other cyber-crooks. No doubt more details will be forthcoming when most users have had time to update their versions of Chrome.

This means our readers are advised to ensure Google Chrome is updated to the latest version, which should be 86.0.4240.111. To check, go to the three dotted icon, click Help and then About Google Chrome. If you’re not at the aforementioned version, there should be a button on that page that allows you to update, which may mean a restart of Chrome. If you don’t turn your computer off for long periods of time, you may need to head over to that page to finish the download, even if Chrome is set to auto update.

Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)