Whether we like it or not, a good part of our day has passed in front of the screen of a computer, searching for information or carrying out tasks online, often and willingly through a browser. If you too are part of the 65.19% of Italian users who have chosen to entrust their browsing to Google Chrome, you could be vulnerable to a hacker attack. For once, the solution exists and it is also simple to apply: just update the browser to fix two of the vulnerabilities that the Californian company has identified. Let’s see what it is, who the hackers are and how to check if you are safe.
The culprits? North Korean hackers
It’s not often that a U.S. federal government agency sand take it with a Google product but this is what happened in the last few days, when the Cybersecurityrthety and Infrastructure Security Agencyresponsible for cybersecurity in the United States, sent a urgent message to federal government employees. The content is singular: Update Chrome to the latest version by September 18 or stop using itThe urgency is justified by the danger posed by a group of cybercriminals linked to the government of North Korea to remotely launch programs on your computer, turning it into a tool to infiltrate your company network or collect your personal informationThe first vulnerability, CVE-2024-7971, was particularly insidious and was identified on August 19 by Microsoft researchers and is considered quite serious.
This security flaw was used by a group of hackers called Citrine Street for an attack zero daya vulnerability still unknown to developers, who therefore have zero days to prepare a patch. Hackers targeted cryptocurrency-related financial institutions, using manipulation techniques against users to gain access to their computers. In reality, these are well-known techniques, perhaps operated via an email from a colleague, a message from this or that government agency to convince the unsuspecting user to download a software or compromise the security of your organization in any way. The second known exploited vulnerabilityCVE-2024-7965, was discovered by an independent cybersecurity expert, known by the nickname TheDog, on July 30 and is also attributable to the so-called human hacking.
How to Check If You’re at Risk
Once made aware of this vulnerability, experts from the Chromium security team prepared Updates able to fix both of these flaws. Usually things end here, with a concise statement released through the channels dedicated to security experts of the Mountain View company but, this time, Google has decided to go beyond. Considering the climate of alert for the latest cyber attacks that have seen actors linked to hostile governments like Russia or China, the Californian company has decided to activate the tool on all installed versions of its browser Safety Check. This feature, which normally needs to be activated by users, is now runs in the background both on Android devices and on PCs. You may have noticed this, since, every now and then, notifications arrive informing you that some rarely used apps they no longer have the authorization to access the camera or the phone itself.
Security Control, in fact, actively reports possible threatsmonitors security updates, prompting users to take action when necessary. Chrome has been running updates in a completely automaticwith users only noticing the update when they are prompted to restart their browser but it is very simple check whether you are at risk or not. Just go to “Settings”, “Privacy and Security” and press the “Security Check” tab to see if Chrome has Vulnerability detected in your account or if it needs to take action to keep you safe.
Then just go to “About Chrome” to to check if the update has been performed: the latest version for Windows available at the moment is 129.0.6668.59, better to rest easy.