- Jul 27, 2015
- 5,458
Researchers reported Monday that the vast majority of Chrome users take close to a month to install a new patch – something that’s a cause for concern amid an increase in the number of zero-day attacks on Chrome browsers in the past year.
In a blog posted by Menlo Security, researchers found that while Chrome 87 was released on Nov. 17, 2020, it took at least a month for 84% of customers to update their browsers. The same trend was observed with Chrome 88, which was released on Jan. 19, 2021, but also took a month until 68% of customers updated. Vinay Pidathala, director of security research at Menlo Security, said the researchers pointed out the lag, because of 10 zero-days actively exploiting browsers in the wild during 2020, four were directed at Chrome. “We find that zero-day exploits can work against any application,” Pidathala said. “Attackers target applications that have global and widespread adoption. We think that going forward we will see more zero days against Chrome because of its market dominance.” And starting January 2020, Microsoft’s Edge browser became based on Chromium, Pidathala added. Developing an exploit for Chrome now gives the attackers a much larger attack surface to go after.
Google Chrome users take at least one month to update, as zero-days lurk
And starting January 2020, Microsoft’s Edge browser became based on Chromium. Developing an exploit for Chrome now gives the attackers a much larger attack surface to go after.
www.scmagazine.com