Goggle has just issued a new critical warning to all Chrome users on the latest patch to a serious flaw on its browser across all Windows, Mac, and Linux Platform. At the time of publication Google is not revealing the details of this vulnerability.
The codename of the exploit is CVE-2020-6457, with a vague description of the issue: “Use after free in speech recognizer”. According to cyber security firm Sophos, “[I]n some cases, use-after-free bugs can allow an attacker to change the flow of control inside your program, including diverting the CPU to run untrusted code that the attacker just poked into memory from outside, thereby sidestepping any of the browser’s usual security checks or “are you sure” dialogs. That’s the most serious sort of exploit, known in the jargon as RCE, short for remote code execution, which means just what it says – that a crook can run code on your computer remotely, without warning, even if they’re on the other side of the world.”
Chrome 81.0.4044.113 is rolling out for Windows, Mac and Linux right now. You can check your version of Chrome by clicking the three vertical dots in the top right corner of the browser then navigating to Help > About. As long as you are running this version (or above if you are reading this post at a later date) you are safe. If not, you must update urgently – something Chrome should prompt you to do on its About page.