Security Awareness Newsletters

This Week’s Cybersecurity News, 05/15/2024

Posted on May 15, 2024Share on

Google Chrome logo

Good afternoon.

Today I have to tell you about an emergency update needed to address a vulnerability in Google Chrome.

Browser Updates

  • Chrome
    • Google has released an emergency security update to address vulnerabilities in Chrome.
    • A zero-day vulnerability, tracked as CVE-2024-4671, has been discovered and is actively being exploited in the wild.
    • These vulnerabilities could allow an attacker to take control of an affected system, such as installing software; accessing, modifying, or deleting data; or creating new accounts with full administrative user rights.
    • Since your browsers are being managed by UTIA ITS, you should be getting the updates automatically.
    • Please check your Chrome browser immediately to ensure that you have this update.
    • In your browser, go to Settings (the three lines in the upper right-hand corner) and scroll down to Help.
    • Click on Help and click on About Google Chrome.
    • A window will open to show you if your browser is up to date and what version you should have.
    • If you don’t have version 124.0.6367.207/.208 or higher for Windows or Mac, please restart the browser.
    • And if you are using Linux, please make sure that you have version 124.0.6367.207 or higher.
    • It is very important to know that this vulnerability is not limited to Chrome and that Chromium-based browsers, such as Microsoft Edge, need to have necessary updates applied as soon as they are available.
    • The latest Microsoft Edge version is 124.0.2478.105 and checking for the version is very much like checking in Chrome.
  • Important Reminder
    • The Institute does automatic updates for your operating system, as well as your apps and browsers.
    • If you get a popup with the correct logo that reminds you that you need to do your updates, let the updates be completed.
    • If you have recently clicked to have your computer restart later to finish these updates, please make sure you reboot right away to ensure all available updates have been applied.
    • And if you leave your browser(s) open most of the time, please don’t forget to restart each browser daily to ensure you are getting the latest browser updates, as the updates will not finish if the browser is open.

I certainly appreciate all you do to protect the Institute and its data. Please don’t ever hesitate to let me know if you have any questions or concerns when it comes to IT security.

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!

Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture

 

 

G061​ McCord Hall
2640 Morgan Circle Drive
Knoxville, Tennessee, 37996
Phone: (865) 974-7292; (865) 806-5224
sandy@tennessee.edu