Security News > 2022 > February > Google announces zero-day in Chrome browser – update now!

In the past few days, both Apple and Adobe have published software updates to close off zero-day security holes that were already being exploited by attackers.

In other words, now matter how quickly you update against a zero-day once the patch is announced, you know that someone - and you have to hope that it wasn't you! - has already been attacked and pwned, even if they're accustomed to patching promptly themselves.

Simply put, the zero part of the jargon means that there were zero days during which you could have been patched proactively, no matter how hard you tried, because the attackers got there first.

No hints about how or where the attacks were carried out, what the attackers were after, what the attackers made off with, what indicators of compromise you could look for in your own logs, how to evaulate your risk, or whether there are any workarounds or mitigations you could apply until you're sure everything's been patched.

You will also hear this sort of infection called a zero-click attack, because the attackers don't need to convince you to do anything more than to view their content - something that's generally supposed to be safe because it happens entirely inside your browser window.

The stable version of Edge doesn't have an update out yet , at least in its official Linux repository, where we update from, but we suspect there will be one out soon.

News URL

https://nakedsecurity.sophos.com/2022/02/15/google-announces-zero-day-in-chrome-browser-update-now/