“UPDATE EXCEPTION. An error occurred in Chrome’s automatic update. Please install the update package manually later or wait for the next automatic update.”
For many employees, they need to access multiple applications and systems throughout the day, including the Internet. That’s why a recent attack was so powerful.
Playing on security fears with internet browsers, malicious attackers compromised websites with JavaScript that would produce a fake Chrome update, just like the one above.
It’s not a real update. And this trick worked on hundreds of people who clicked on the update and infected their network.
Vulnerabilities Lurk in the Shadow of Popularity
Chrome has 2.65 billion active users. That’s a lot of people… and a lot of potential victims.
Chrome is one of the most popular browsers in the world. Still, there’s bugs in software. Attackers know that and target it. Keeping Chrome up to date is critical.
One common bad habit is leaving Chrome open for too long and pushing off any update messages. When Chrome updates are loaded with zero day fixes, you don’t want to be putting off those notifications.
“What Happens When I Click a Weird Link in My Browser?”
Going back to your rogue Chrome Update message…
Attacks like this happen when legitimate websites are compromised so that they serve up fake Google Chrome update error messages.
Don’t click on the link. If someone clicks on the link, malware is distributed.
The infection enters through a Zip file that executes a cryptojacker, draining power, degrading performance, and compromising credentials and Personal Health Information (PHI).
Whether these links come to you via email or directly in your web browser… we advise thinking twice before clicking on any unusual links.
What Does Structured Patch Management Look Like?
How well do you know your patch management process?
So many healthcare establishments get hacked or held for ransom because:
- They’re clinging to manual processes.
- It’s hard to keep up with the amount of patches for Chrome and other software.
- No support for third-party software.
- On-premises patch management tools fail.
- No one really knows the true patch management process from A-Z.
- No complete visibility into all devices, including the devices running Chrome.
These are only some of the reasons why IT healthcare teams choose to deploy Syxsense Enterprise.
Now they let Syxsense automatically scan and detect misconfigurations that are missing on Chrome. After a speedy three-hour timeframe from issuance, all new patches are thoroughly tested and prepared for deployment.
With live Patch Tuesday updates, Syxsense users gain exclusive access to the latest need to know patches.
Ready to experience powerful endpoint and patch management with vulnerability scanning and remediation-all from a single agent? Schedule a demo today.
