Patches for internet browsers Chrome and Edge coming in the last week of March fix serious vulnerabilities.
A recent article from Tom’s Guide highlights recent patches from Google for Chrome and from Microsoft for Edge, noting that the single-fix patches emphasize how serious the vulnerabilities are:
It’s not clear who’s doing the attacking, but Google in a blog post(opens in new tab) Friday (March 25) drily noted that “an exploit for CVE-2022-1096,” the vulnerability in question, “exists in the wild.”
That’s the acceptably understated way to sound a red alert, though the fact that this security update fixes just that one flaw underlines how serious the vulnerability must be. Microsoft was similarly subdued(opens in new tab) in its own post Saturday (March 26).
Chrome needs to be updated to version 99.0.4844.84, as does the closely related Brave browser. Edge needs to be updated to version 99.0.1150.55. However, the Opera and Vivaldi browsers, which also derive from the open-source Chromium project, did not seem to have incorporated the update at the time of this writing.
Making prompt software updates is a best practice for cybersecurity, and they’re coming with greater frequency and risk of inaction — it’s critical to make updates automatic when possible and be diligent about checking for manual updates available.
Find more in the full article on Tom’s Guide here.