A security warning has gone out to people using Google Chrome as their web browser, and given it’s the world’s most popular one, that’s going to be a lot of people.
Samuel Groß is one of Google’s Project Zero team, a group of security analysts hired by the company to find vulnerabilities.
Speaking to ZDNET, he explained that they were trying to boost the security of a part of Chrome that most people wouldn’t know about.
It’s called V8, and it doesn’t refer to a car engine.
If you use Chrome then you might wish to update it. (Cem Genco/Anadolu Agency via Getty Images)
Instead it’s an open source Google project which is part of Chrome’s JavaScript.
He said: “V8 bugs typically allow for the construction of unusually powerful exploits. Furthermore, these bugs are unlikely to be mitigated by memory safe languages or upcoming hardware-assisted security features such as MTE or CFI.
“As a result, V8 is especially attractive for real-world attackers.”
I won’t pretend to know what all of that means but if someone who knows their technology is talking about it then it’s worth a listen.
If, like me, you’re not sure what all of that means for your computer, it means that hackers can take control of your web browser with code hidden in a fake HTML webpage.
It could let hackers steal your passwords and personal information from Chrome’s password manager and autofill details.
Just think how much of your personal information you input into your web browser and pause for thought as you realise it’s rather a lot, you’re sticking your name, address and all sorts of personal details like card information on there.
It’s a bit technical, but it seems the solution is to update your browser. (Jaap Arriens/NurPhoto via Getty Images)
Chrome has a feature called the ‘V8 Sandbox’ to counteract this and you can get it by updating your browser, but it’ll only work on computers with a 64-bit processor.
About two billion people use Chrome as their browser and not everyone is going to have that level of technology, so it’s useful to know where the danger might be.
If you want to update Google Chrome then all you need to do is open up the browser, click on those three dots in the top right corner, go down to the Help section and then click About Google Chrome.
That should take you to a settings page where an update will automatically start being done, and then you’ll hit the Relaunch button to bring things up to date.
In a recent update for Chrome, Google noted there had been ‘wild exploitation of CVE-2024-7965’, which they paid someone $11,000 (£8,300) for identifying.
