Today, Google Fixes Chrome Zero-Day vulnerability to all platforms.
Google has released new chrome browser version 88.0.4324.150 for Mac, Windows and Linux. Which will be roll out to all platforms soon.
[$TBD] High CVE-2021-21148: Heap buffer overflow in V8. Reported by Mattias Buelens on 2021-01-24
Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild.
Heap-based Buffer overflow, which are difficult to execute and the least common of the two, attack an application by flooding the memory space reserved for a program.
How To Update?
To update Chrome Browser 88 Version.
Go to Settings –> Help –> About Google chrome.
It will check automatically for new update and install or directly download from google.com/chrome.
A day before Over a Dozen Chrome Extensions Caught Hijacking Google Search Results. According to the Avast security report, Backdoored Browser Extensions Hide Malicious Traffic in Analytics Requests.
CacheFlow was notable in particular for the way that the malicious extensions would try to hide their command and control traffic in a covert channel using the Cache-Control HTTP header of their analytics requests. In the research, experts believe this is a new technique.
In addition, it appears to us that the Google Analytics-style traffic was added not just to hide the malicious commands, but that the extension authors were also interested in the analytics requests themselves.
What is CacheFlow?
Cacheflow is a huge network of malicious browser extensions that infected millions of users worldwide. the malicious extensions were hijacking their victims’ clicks and modifying their search engine results. Since CacheFlow was well capable of hiding itself, and using to hide the fact that it was executing malicious code in the background.
What we are recommending
Check your Browser extension Tab and delete unusable extension immediately, Update your browser now.
Also Read- How To Hide Files In Kali Linux?