fbpx

Update Google Chrome Now

google

Google Confirms Serious Chrome Security Problem – Here’s How To Fix It

The problem explained

Although information regarding CVE-2019-5786 remains scarce currently, Satnam Narang, a senior research engineer at Tenable, says it is a “Use-After-Free (UAF) vulnerability in FileReader, an application programming interface (API) included in browsers to allow web applications to read the contents of files stored on a user’s computer.” Some further digging by Catalin Cimpanu over at ZDNet suggests that there are malicious PDF files in the wild that are being used to exploit this vulnerability. “The PDF documents would contact a remote domain with information on the users’ device –such as IP address, OS version, Chrome version, and the path of the PDF file on the user’s computer,” Cimpanu says. These could just be used for tracking purposes, but there is also the potential for more malicious behavior. The ‘use-after-free’ vulnerability is a memory corruption flaw that carries the risk of escalated privileges on a machine where a threat actor has modified data in memory through exploiting it. That’s why Google has issued the urgent update warning, as the potential is there for exploits to be crafted that could enable an attacker to remotely run arbitrary code (a remote code execution attack) whilst escaping the browser’s built-in sandbox protection.

What to do next

Luckily this is an easy problem to fix, just make sure you do it as soon as you’ve finished reading this! First, head over to the drop-down menu in Chrome (you’ll find it at the far right of the toolbar – click on the three stacked dots) and select Help|About Google Chrome. You could also type chrome://settings/help in the address bar if you prefer, which takes you to the same dialog box. This will tell you if you have the current version running or if there is an update available. To be safe from this zero-day exploit, make sure that it says you are running version 72.0.3626.121 (Official Build). If not, then Chrome should go and fetch the latest version and update your browser for you automatically.

Travis Biehn, technical strategist and research lead at Synopsys, said “Google Chrome is some of the most robustly engineered C and C++ code on the planet, the security teams working on Chrome are world-class. Despite Google’s security program, and despite their active collaboration with leading security researchers through generous bug bounty programs, it still suffers from memory corruption attacks related to the use of C and C++. Luckily for the public, Chrome ships with an effective mechanism for update and patching – one that can get a critical fix out to end users in real time.”

You can follow me on Twitter, connect with me on LinkedIn and find more of my stories at happygeek.com

These are Google’ instructions:

Get a Chrome update when available

Normally updates happen in the background when you close and reopen your computer’s browser. But if you haven’t closed your browser in a while, you might see a pending update:

  1. On your computer, open Chrome.
  2. At the top right, look at More More.
  3. If an update is pending, the icon will be colored:
    • Green: An update’s been available for 2 days.
    • Orange: An update’s been available for 4 days.
    • Red: An update’s been available for 7 days.

To update Google Chrome:

  1. On your computer, open Chrome.
  2. At the top right, click More More.
  3. Click Update Google Chrome. If you don’t see this button, you’re on the latest version.
  4. Click Relaunch.

The browser saves your opened tabs and windows and reopens them automatically when it restarts. If you’d prefer not to restart right away, click Not now. The next time you restart your browser, the update will be applied.

Give Google’s Chrome browser a major speed boost with one click

Google_Chrome_icon_and_wordmark

With more than 64% of the global market as of last month, Google’s Chrome browser is by far the most popular desktop web browser by a massive margin. The next closest is Microsoft’s Internet Explorer, and its global market share totalled less than 11% in December 2018. Chrome is the browser of choice for so many reasons, not the least of which are things like simplicity and speed. When it comes to speed though, things aren’t always straightforward. Chrome is typically lightning fast when loading webpages, but your browser speed can really take a hit when there are tons of tabs open. I know I pretty much always have tons of tabs open.

Here’s the explanation and download link:

How it works
Whenever you find yourself with too many tabs, click the OneTab icon to convert all of your tabs into a list. When you need to access the tabs again, you can either restore them individually or all at once.

When your tabs are in the OneTab list, you will save up to 95% of memory because you will have reduced the number of tabs open in Google Chrome.

Privacy assurance
We take your privacy seriously. Your tab URLs are never transmitted or disclosed to either the OneTab developers or any other party, and icons for tab URL domains are generated by Google. The only exception to this is if you intentionally click on our ‘share as a web page’ feature that allows you to upload your list of tabs into a web page in order to share them with others. Tabs are never shared unless you specifically use the ‘share as a web page’ button.

How do you make money?
OneTab is free of charge and is not designed to make money. It was created because we badly *needed* it for our own use, and we wanted to share it with the world.

Additional Benefits
Depending on how many scripts are running inside your tabs, moving them to OneTab can also speed up your computer by reducing the CPU load. We have also had reports that this also contributes to your computer resuming from sleep more quickly.

More Features
OneTab lets you easily export and import your tabs as a list of URLs. You can also create a web page from your list of tabs, so that you can easily share your tabs with other people, other computers, or with your smartphone or tablet.

You can drag and drop tabs in your OneTab list to reorder them. You can also hold down the Ctrl or Cmd key while restoring tabs and they will remain in your OneTab list (meaning you can use OneTab as a way of quickly launching a set of commonly used tabs). OneTab supports retina displays. Note that OneTab is designed to leave in place any ‘pinned’ tabs you have.

You will not lose your list of tabs if you accidentally close the OneTab window, if your browser crashes, or if restart your computer.

2018 Update: We’ve been working like crazy to make OneTab much much better – including implementing lots of your feature suggestions. We’re full time on it now and have great momentum. Thank you for all of your thoughtful feedback, please keep it coming.

Download One Tab for free

Who’s watching you?

ssl-certificate-from-spearhead-multimedia

Sometimes we don’t realize and then don’t remember whom we’ve given access to our Google account in order to set up an account from another vendor.

It’s always a good idea to go to https://myaccount.google.com/permissions while you’re logged in to your Google account and review who has access to your private information.

If you use an Android based phone be careful not to remove access to important apps and make sure you do for the questionable ones.  Not sure about an app?  Google it and see.

The New Chrome and Safari Will Reshape the Web

By 


APPLE AND GOOGLE are cracking down on obnoxious online ads. And they just might change the way the web works in the process.

Last week Google confirmed that Chrome—the most widely used web browser in the world—will block all ads on sites that include particularly egregious ads, including those that autoplay videos, hog too much of the screen, or make you wait to see the content you just clicked on.

Apple meanwhile announced yesterday that Safari will soon stop websites from automatically playing audio or video without your permission. The company’s next browser update will even give users the option to load pages in “Reader” mode by default, which will strip not only ads but many other layout elements. The next version will also step up features to block third parties from tracking what you do online.

But the two companies’ plans don’t just mean a cleaner web experience. They represent a shift in the way web browsers work. Instead of passively downloading and running whatever code and content a website delivers, these browsers will take an active role shaping your web experience. That means publishers will have to rethink not just their ads but their assumptions about what readers do and don’t see when they visit their pages.

For years, browsers have simply served as portals to the web, not tools for shaping the web itself. They take the code they’re given and obediently render a page as instructed. Sure, browsers have long blocked pop-up ads and warned users who tried to visit potentially malicious websites. But beyond letting you change the font size, browsers don’t typically let you do much to change the content of a page.

“Browsers have always been about standards and making sure that all browsers show the same content,” says Firefox vice president of product Nick Nguyen. “It’s been a neutral view of the web.”

The problem is that this complacency has led to a crappier web. Publishers plaster their sites with ads that automatically play video and audio without your permission. Advertisers collect data about the pages you visit. And criminals sometimes use bad ads to deliver malware.

 Many people have taken the matter into their own hands by installing plugins to block ads or trackers. About 26 percent of internet users have ad blockers on their computers, according to a survey conducted by the Interactive Advertising Bureau. Some 10 percent have ad blockers on their phones.

Now browser-makers are starting to build these types of features right into their products. Firefox added tracker-blocking to its private browser mode in 2015, and Opera added an optional ad-blocking feature last year. Meanwhile, newer companies like Brave and Cliqz have launched privacy-centric browsers of their own.

Now, thanks to Apple and Google, this trend is going mainstream. About 54 percent of all web surfers used Chrome last month, according to StatCounter, and about 14 percent used Safari. In other words, nearly all browsers will at the very least let users curb the worst ads on the sites they visit. And websites will have to adjust.

The Business of Blocking

It might seem weird for Google, one of the world’s largest advertising companies, to build an ad-blocking tool right into one of its core products. But the search giant may be engaging in a bit of online judo. Google only plans to block ads on pages that feature types of ads identified by an ad-industry trade group as the most annoying. Google may be hoping that stripping out the worst ads will eliminate the impetus to download much stronger third-party ad blockers that also block its own ads and tracking.

Apple, which doesn’t depend on advertising revenue, is taking a more radical approach. In addition to blocking cookies that could be used to track people across sites, the company will also give users the choice to display only the main content of a page, throwing out not just ads but extras like lists of “related stories” and other enticements to stay on a particular site. The page’s prescribed fonts and color scheme get thrown out as well.

Safari has offered the reader view as an option since 2010, but traditionally you’ve had to load a page before you can turn the option on. Letting people turn it on by default means they could visit pages and never see the original versions. That’s a big change that goes well beyond ad-blocking. It means that a page’s code could soon act more as a set of suggestions for how browsers should present its content, not a blueprint to be followed as closely as possible.

That doesn’t just change the way companies have to think about ads. It changes the relationship between reader and publisher—and between publishers and browser makers. For example, Brave—the privacy-centric browsing company founded by Firefox creator Brendan Eich—hopes to essentially invert the advertising business model by having the browser, not the webpage, serve up ads, then share the revenue with publishers. That’s just one new model that this new paradigm makes possible, whether publishers like it or not.