Security updates are automatic, but it’s always best to check on your device to be sure that the fix has not only been downloaded but also activated. Google also says that it is “aware that an exploit for CVE-2023-4863 exists in the wild.” MORE FROM FORBES Google Warns Gmail Users Ahead Of New Security Alerts-Set Up 2FA Now By Davey WinderĪs such, and given that there appears to be a potential connection between the BLASTPASS spyware campaign and this emergency Chrome security update, all Chrome users are advised to update as soon as possible. Meanwhile, Google has stated that Chrome updates to 1.187 for Mac and Linux, and 1.187/188 for Windows, will roll out across the coming days. 1password 1Password Releases Update Your Chrome Browser Now We recommend our users always update to the of our apps to enjoy the strongest security, and will continue latest version to improve our defense-in-depth stance even further.” Details of all the latest 1Password releases can be found here. Our defense-in-depth measures protect against the majority of security bugs affecting the Chrome components we use, but regrettably not all of them. 1Password is designed to substantially reduce the attack surface of vulnerabilities affecting Google Chrome for 1Password. We haven’t seen any reports that this issue has been exploited in 1Password apps. The issue does not affect 1Password for iOS or Android, nor earlier versions of 1Password. This is part of a wide-ranging industry issue that impacts many apps, including users of 1Password 8 for Mac, Windows, and Linux versions before 8.10.15, which were released on September 13, 2023. An attacker can exploit this issue by sharing accounts with potential victims to achieve remote code execution or steal secrets. This means older iPhones, such as the iPhone 6 and 7, are now protected despite iOS 15 being out of support.Ġ9/18 update: 1Password’s chief technology officer, Pedro Canahuat, told Forbes that “An issue inherited from Google Chrome was discovered that affects the way 1Password displays images in WebP format. Patches are now available for iOS 15.7.9, iPadOS 15.7.9, macOS Monterey 12.6.9 and macOS Big Sur 11.7.9. Apple has, however, now released further security updates for earlier versions of iOS as well as iPadOS and macOS. There is still no confirmation that the WebP vulnerability is connected to the BLASTPASS exploit chain comprising two zero-days that could lead to iPhones getting infected by Pegasus spyware. Other web browsers that have been updated to patch the zero-day WebP vulnerability include:Įdge, which has been updated to 1.81 (116.1938.79 for iOS)įirefox, which has been updated to 117.0.1 Ivanovs explains that the problem sits with the BuildHuffman Table function, introduced in 2014. This installs alongside an existing version of Chrome, allowing you to use stable builds alongside it.I have approached Apple, Citizen Lab, and Google for a statement and will update this article if any is forthcoming.Ġ9/14 update: Developer and blogger Alex Ivanovs has confirmed that, as well as web browsers, “any software that uses the libwebp library” is affected by this vulnerability, including Electron-based applications such as 1Password and Signal.ġPassword applications for Mac, Windows and Linux have been updated to patch against CVE-2023-4863, and Signal Desktop has been updated to include the patched Electron v25. If you’re on a Mac I recommend rolling with the Canary channel. Chromium developers have built a ‘fail safe’ into the server infrastructure that distributes updates to ensure that only compatible builds can install on compatible systems. On a 32-bit system? There’s no need to panic. Data on Mac performance has yet to filter out but it’s a promising indication nonetheless. Windows 64 bit Chrome builds have boosted performance by 25%, say Google, while also improving stability. ![]() 64-bit builds allow Chrome to ‘address’ (read: use) more available memory on your system (assuming you have it) and perform more tasks concurrently, and faster. What are the benefits of the switch? On paper: better performance and better multitasking. ![]() ![]() ![]() As of Chrome version .0 on OS X, 64-bit Chrome is a-go on the dev channel: Latest Developer Channel Release Benefits Now it seems as though that testing is ready to go wider. In fact, if you use the Canary channel frequently you may have already used one, as developers often seeded builds for testing there on occasion. Most recent versions of Apple’s desktop operating system no longer default to the 32 bit architecture, a move that has seen some third-party plugins for the platform, like Java 7, offered only in 64-bit versions.Ĭhromium developers have been working on bringing native 64 bit builds of Chrome to OS X for a while. ‘Google quietly updated Chrome to a 64 bit build without you noticing!’
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |