Displaying items by tag: Chrome

Google appears to have failed so far in 2022 to reach one of the stated goals in its review of zero-days for 2021: sharing exploit samples or detailed technical descriptions more widely.

Google's bid to position itself as some kind of competitor to Microsoft based on its security credentials has been dealt a bad blow, with the company reporting the third zero-day in its browser Chrome just before the long Easter weekend.

Google has issued a patch for a vulnerability in its Chrome browser that is being actively exploited in the wild.

The competition watchdog, the ACCC, has called for measures addressing Google’s dominance in search engine services, including a choice screen that provides consumers with a selection of search engines, to be introduced in Australia.

Adobe's new Acrobat extensions for Google Chrome and Microsoft Edge provide what the company claims is the most comprehensive set of PDF tools.

Hardware authentication provider Yubico has announced its YubiKey Bio Series, the first from its portals to support fingerprint recognition for secure passwordless and second-factor logins.

Search giant Google has taken a swing at European anti-trust regulators over a €4.34 billion (US$5.07 billion, A$6.96 billion) fine imposed on it in 2018 for allegedly breaching anti-trust rules relevant to Android, claiming the authorities had turned a blind eye to Apple, its sole rival in the smartphone space.

Global security firm Kaspersky has revealed that targeted attacks against a number of companies, which it noticed in April, initially used a vulnerability in Google's Chrome browser and then linked this to two zero-days in the Microsoft Windows 10 kernel.

Search giant Google has been forced to patch yet another zero-day in its Chrome browser, the fourth this year, but the company has not provided any indicators of compromise or other details n its advisory.

Just a day after an Indian researcher released details of a one-day bug in Google's Chrome browser, a Chinese researcher known as frust has released a zero-day for the same browser.

The companies behind privacy-focused search engine DuckDuckGo and Norwegian browser Vivaldi have joined the Brave browser chiefs in opposing Google's new experimental ad-targeting technology known as Federated Learning of Cohorts.

Users of the Google Chrome and Microsoft Edge browsers have been told that they need not hold too many fears over a one-day vulnerability in the V8 JavaScript engine used by the two applications, but should still patch as and when patches were made available.

Microsoft has issued patches for four remotely-exploitable vulnerabilities in its Exchange Server product, a little more than a month after the company warned of four zero-day exploits being used to attack the application.

The Brave browser will not support Google's experimental new technology for ad targeting, known as Federated Learning of Cohorts, two senior officials from the organisation behind the browser say.

Google has begun a trial of its experimental new technology for ad targeting, known as Federated Learning of Cohorts, selecting a random set of users without notifying them, the Electronic Frontier Foundation, an organisation that fights for digital rights, says.

Google has extended a feature known as Password Checkup, originally available as an extension for its Chrome browser, to Android, with the mobile operating system including the feature from version 9 onwards.

If you're still using the old version of the Edge browser that shipped with earlier versions of Windows 10, you'll soon be upgraded to the new version, with the old no longer supported and set to be uninstalled.

ANALYSIS Google's recent move to limit the use of its APIs in Chrome, such as Chrome sync and Click to Call, appears to be driven by the launch of Microsoft's Edge browser based on the open-source version of Chrome, known as Chromium.

Security vendor Avast has identified malware hidden in at least 25 third-party Google Chrome and Microsoft Edge extensions. These extensions are associated with big-name sites including Instagram and Facebook.

A client-side vulnerability in the Google Play Core Library, patched by the company in April, is still present in many Android apps because developers are yet to include the patch into these apps.