Users of Google Chrome on desktop may encounter weak security in some versions.
Google Chrome is a popular online browser because of its privacy and security features. SimilarWeb data from August 2022 indicates that Chrome has a market share of 61.96%, making it the most widely used web browser globally. However, if you believe that you are secure online, you might want to reconsider. This is due to recent research by freemium VPN service provider Atlas VPN. It has identified Chrome as the most vulnerable browser of 2022, with 303 vulnerabilities discovered to date. With 3,159 vulnerabilities, Chrome holds the top spot for most vulnerabilities. The question arises about what is Atlas VPN.
What is Atlas VPN?
Atlas VPN refers to a complete range of security and privacy features. It includes data tunneling, with kill switches along with private DNS and sophisticated encryption. Whether you surf at home or on a public network, Atlas VPN for Windows 10 encrypts your traffic. It guards against Several entities that may spy on your activity, including ISPs, hackers, advertising agents, and others. It is safe to use Atlas VPN because it has a strict no-logs policy and military-grade encryption. In Singapore, the United States, as well as the Netherlands people, enjoy free Atlas VPN. Netflix and other streaming services cannot be unblocked by this program even though it is fast and secure. Chrome Version of VPN gives all traffic from all Chrome windows, Chrome apps, and Android apps. They typically transit over the VPN connection because full tunnel VPN implementations are the norm.
The News
Google Chrome is the only trusted browser with recently identified flaws in October. The vulnerabilities include CVE-2022-3307, CVE-2022-3311, CVE-2022-3314, and CVE-2022-3309. CVE-2022-3318.
These vulnerabilities are due to
- Inadequate policy enforcement that is applied in extensions API.
- inadequate validation or untrusted input checks in v8,
- An open-source Javascript and web assembly engine
- According to Computer Emergency Response Team, several flaws (CERT-In) in some desktop versions of Chrome. Also vulnerability to Versions earlier than 105.0.5195.52 are warned strictly by the aforesaid agency.
What are the consequences of these vulnerabilities?
Attackers can put into risk the security of affected systems by using these vulnerabilities to execute arbitrary code on them.
Atlas VPN’s free download option also enables users to take the risk for Google Chrome Security.
Google first disclosed the security bypass vulnerability on September 2 after being alerted to it by an anonymous user.
Microsoft Edge is next having 103 vulnerabilities. It is followed by Mozilla Firefox with 117 vulnerabilities.
Apple’s Safari browser now only has 26 vulnerabilities. Recently, Safari reached 1 billion users, moving it into second place among all browsers globally.
CERT-In recently disclosed notes for vulnerabilities in Google Chrome two times this month. Earlier, it was discovered that Google Chrome OS has several vulnerabilities that could be exploited by attackers to run arbitrary code or deny services.
Interestingly, there are no known vulnerabilities with the Opera browser.
The Safety Measures for your Google Chrome Browsing
It is hereby noted that after this news people may find less trust in using Chrome further. But at the same time, some prevention steps can make them safe from being impacted. Let us learn it.
- Try to Keep your Google Chrome browser updated. A browser update should be installed as soon as it becomes available to reduce security risks.
- As vulnerabilities increase, fake developers are responding by publishing security fixes. Select dependable plug-ins. Pick a reputable developer for your browser plug-in, to ensure the most recent updates of Google Chrome are installed to avoid browser plug-ins that may be malicious or contain security flaws.
- From Settings, change the privacy and security options of the Google Chrome browser.
- Review the privacy and security options on your browser. For instance, check for third-party cookies that enter by allowing advertisements.
- Try to disable pop-ups. New browser windows often push advertisements, and some of them may include harmful links or offensive information. This can be prevented by Installing plug-ins that stop pop-up windows automatically while your surfers to monitor your online activity, are being blocked by your browser.
How does the Chrome store allow dangerous extensions to existing?
Through a “newly uncovered malware campaign” it is found that Chrome browser extensions that have been downloaded 32 million times have been used to spread the spyware. (Browser extensions are add-ons that give users access to extra features.) According to the study, Google removed more than 70 extensions from its official Web Store last month. This is done after being made aware of their harmful nature by Awake Security researchers.
How did these malicious extensions originally end up in the Chrome store?
After the “clean” versions have been approved, it has been found that the “malicious payloads” are only added to the extensions. These “sleeper agent extensions,” in other words. according to the study of Awake Security that first brought this problem to light.
What response did Google give to this?
Google after this news recently removed the fraudulent extensions, According to Scott Westover, a Google Spokesperson, they have taken strict actions after getting aware of extensions in the Web Store that violate their policies. to improve automated and manual analyses,”
The study also stated that despite repeated commitments to more closely monitor services, Google “refused to say how the latest spyware contrasted with prior efforts, the depth of the damage, or why it could not detect and delete the rogue extensions on its own.”
Some of the fraudulent extensions were not ever available in the Chrome Web Store, as was previously mentioned.
How is the user tricked?
Avoid prompts that ask you to set a new browser as the default.
To begin with, some of these dishonest gamers operate websites that present themselves as professional and make deceptive claims. One instance that has been noted is a security extension that authenticates a maliciously populated page as secure.
The Awake Security study lists the following simple identifiers to help security professionals determine whether an extension is malicious or fake: These extensions have a significant following despite being relatively new on the market and having an unknown brand and little information; user reviews are consistently positive.
Conclusion
People using Google Chrome Version will still allow Atlas VPN. We are awaited to find the next flawless features Google Chrome includes further for user safety. For more such blogs, click here.
