urgent update needed for Chrome users to fix security flaws

US cyber officials have issued a 72-hour deadline for Google users to update their Chrome browsers due to the discovery of two critical security vulnerabilities. These flaws allow hackers to remotely access devices, potentially leading to unauthorized data collection. The Cybersecurity and Infrastructure Security Agency (CISA) has added these threats to its Known Exploited Vulnerabilities list, mandating government employees to update Chrome by September 18, while urging the general public to do the same to safeguard their devices. Google has indicated that Chrome automatically checks for updates, applying them when the browser is closed and reopened. Users who haven't opened Chrome recently are encouraged to do so, ensuring they have the latest version. To verify their update status, users can navigate to the Help section in Chrome. If the Update button is not visible, they are on the latest version. The vulnerabilities were exploited last month, with at least one attack linked to North Korean hackers known as Citrine Sleet. These attacks involved using fraudulent HTML pages to corrupt Chrome, highlighting a new technique that forces users to enter credentials, which can then be stolen. This method poses a significant risk, as it allows hackers to access sensitive information stored in the browser. In addition to Chrome, users of the Edge browser are also advised to update their software. If users fail to update by the September 18 deadline, CISA recommends discontinuing the use of the browser to mitigate potential security risks.