browser update Archives

Winsage

February 23, 2025

Microsoft Windows Warning—Do Not Install This Critical Update

A significant alert has been issued regarding a new browser update threat targeting Microsoft Windows users, as reported by Palo Alto Networks’ Unit 42. Attackers are injecting malicious JavaScript into legitimate websites, misleading users into believing they need to update their browsers. These deceptive messages often use realistic branding and create urgency, prompting users to download and execute scripts that enable malware to retrieve the NetSupport RAT code. This malware allows for remote device control, data exfiltration, and modification of the Windows Registry, complicating its removal. On February 18, 2025, the NetSupport RAT delivered StealC, a credential-stealing malware designed to capture sensitive login information. The SmartApeSG campaign highlights the risks of social engineering and fileless attack techniques, exploiting trusted software update mechanisms. Recommended mitigation strategies include blocking domains linked to SmartApeSG, deploying signatures to detect malicious JavaScript, monitoring anomalous process relationships, restricting PowerShell execution policies, and educating employees about fake update prompts. Users are advised to follow conventional methods for browser updates, check for updates through their browsers, and ensure automatic updates are enabled.

Winsage

July 29, 2024

Google breaks password manager with iffy Chrome update

Google issued an apology for a disruption affecting its password manager for millions of Windows users, which lasted nearly 18 hours and was resolved on July 25. The issue impacted users of the M127 version of the Chrome browser on Windows, making saved passwords temporarily inaccessible. Approximately 2 percent of users within the affected 25 percent experienced this problem, potentially impacting over 17 million users given Chrome's market share of 65.68 percent among the 5.4 billion internet users in 2023. The root cause was identified as a "change in product behavior without proper feature guard." This incident highlights the risks associated with browser-based password managers, as a single flawed update can render a user's password vault unreachable.

AppWizard

July 29, 2024

Samsung is refreshing apps ahead of One UI 7 beta

Samsung has updated its Clock app to version 12.4.00.9, available through the Galaxy Store and via APKMirror. The update features a modern design with new widgets, a notification pill, and enhanced icons for alarm, world clock, stopwatch, and timer functionalities. Additionally, the Samsung Internet browser has been updated to version 26.0.8.1, with a redesigned app icon that tilts in a different direction and has a darker hue. More updates to Samsung applications are expected as the One UI 7 launch approaches, including new app icons and rounded UI elements.