Google Chrome has recently been found to have multiple vulnerabilities, some of which could allow for arbitrary code execution.
This is a flaw in the software or hardware of a device or system that, if an attacker finds it, could allow them to edit or delete data or install harmful software on the machine. In this context, the browser is the access point for a would-be attacker.
While there are no current indications this threat is being exploited, any versions of Google Chrome prior to 99.0.4844.74 are in danger and should be updated as soon as possible.
This security vulnerability is deemed a high risk for small, medium and large businesses as well as a similar level of risk for all government entities. As for home users, the risk posed is lower but still a threat.
In order not to be caught out yourselves over a cyber attack such as this, the Centre for Internet Security has published a list of recommendations to businesses on how to prevent this:
- Apply updates to Google Chrome to take it past the vulnerable version
- Run software without administrative permissions
- Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources
- Teach users about the threat of clicking on hyperlinks from untrusted sources
- Give users access to only the most necessary resources to stop the spread of malware
With the complexity of this type of attack, not all businesses may be prepared to deal with a serious cyber incident. Make sure you are not next on the long list of targets.