Look, we get it… it’s one thing to hear it from “those IT guys” about how important software updates are. We’re into this stuff, after all, so we worry about things like that more. However, we’re hoping that a warning from Homeland Security to update Google Chrome will have a little more weight.

Yes, that’s right: Homeland Security wants you to update your Chrome browser.

Active Zero-Day Threats Against Chrome

As of this writing, November saw five vulnerabilities patched in the web browser. All five were classified as zero-day threats—a threat that cybercriminals have discovered and put into use before software developers or security researchers are made aware of it. This situation obviously gives the cybercriminal the advantage, making a zero-day threat even more dangerous.

Making this bad situation worse, the last two of these threats were classified as high severity. According to the Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA), the vulnerabilities that compose these threats could enable an attacker to take over the system. One, tied to a JavaScript engine, could be used via a phishing attack, while the other is likely a corruption vulnerability in the browser’s features.

Since these vulnerabilities are now being exploited, CISA has been encouraging users to apply the updates to fix these issues.

Why Updates Matter So Much

Let’s frame it like this: if the front door lock of your business suddenly stopped working, would you get it fixed, or just leave it and hope nobody noticed?

These vulnerabilities are parallel to the broken lock, with far too many users deciding to tempt fate and leave them be. In fact, once these vulnerabilities were mitigated via an update, only half of Android users had updated Chrome within a day. Regardless of whether your users are just being negligent or are using an outdated device, these vulnerabilities leave your business exposed.

Net It On, LLC can help. Our services are hugely centered around applying such patches and fixes in a timely manner. For this kind of help, along with so much other IT assistance, give us a call at (732) 360-2999.

December 2, 2020
Directive