Monday, November 25, 2024

Millions of Google Chrome users issued with 24 hour deadline to update or delete browser by US government

Must read

If it feels like Google Chrome is pestering you to update your web browser every few days — don’t worry, it’s not all in your mind. The Californian company has rushed out a flurry of updates to the over 2 billion people worldwide who rely on the Google Chrome browser after four separate zero-day flaws were unearthed.

Zero-day flaws are those already known to hackers, who are using these bugs to attack users. In other words, it’s a race to ensure users install the update to fix the flaw before they’re ensnared by cyber criminals.


Google will flag an update in the Chrome browser using a series of colour-coded buttons

GOOGLE PRESS OFFICE

With so many emergency updates from the team working on Google Chrome, the US government has issued a deadline for all federal employees to ensure they’re running the latest version of the web browser — or uninstall the application entirely from their machine.

The final deadline to update the latest version of Google Chrome will be June 6, 2024. That leaves less than 24 hours for the roughly 3 million federal employees working in the USA to take action.

Exploitation of the zero-day flaws in Chrome can allow a attacker to take control of your device. Since the vulnerabilities are related to memory, hackers can run their own code on your machine — destabilising the system, or enabling them to install malware and other malicious software to wreak havoc.

The warning issued to federal workers in the United States of America comes courtesy of the Cybersecurity and Infrastructure Security Agency, more commonly referred to as CISA. The government agency, which boasts an annual budget of $2.9 billion (£2.2bn), has mandated federal employees to “apply mitigations according to vendor guidance or discontinue use of the product if mitigations are not available.”

Of course, the deadline from CISA only applies to those working in US federal agencies — but it demonstrates the level of concern around these latest zero-day flaws and is good security practice for everyone to apply the latest patches.

The good news is the process should be pretty painless. Google has designed its Chrome browser to update automatically, with most security patches downloaded in the background. If an update is downloaded but not yet installed, you might find a warning at the top of the main menu stating “Relaunch to update”, “Finish update”, or “New Chrome available”.

You’ll need to relaunch Chrome to apply the latest security patches. This will involve closing the app — interrupting any in-progress downloads, messaging, or Incognito Mode windows.

Google will save any opened tabs and windows, reopening everything automatically when the updated Chrome browser restarts. However, due to the private nature of Incognito Mode tabs and windows, these will not reopen when Chrome restarts.

If you’re unable to close or relaunch Google Chrome at the moment, it’s possible to defer the restart by clicking “Not now”. The next time you restart your browser, the update will be applied. However, given the fast-approaching deadline from the US government agencies, it might be best not to delay these latest patches.

LATEST DEVELOPMENTS

If you’re unsure whether you’re running the latest version of the browser on your Windows or Mac, you can always manually check for updates to Google Chrome by clicking on the three-dot menu in the top right-hand corner of the browser. From there, open Settings > About Chrome.

If there’s an update ready to be downloaded and installed, Chrome will automatically start the process from this page. It will be applied next time you close the browser or restart your computer.

Latest article