Latest news with #Chromium-based
Yahoo
5 days ago
- Business
- Yahoo
Windows 11 22H2 and 23H2 Are Getting New Features
Microsoft is releasing updates for Windows 11 versions 23H2 and 22H2 to keep users up to date. The updates include shortcuts like Win + C and a new FAQs section within the OS settings menu. It's still best to update to 24H2 now for more features and security, with 25H2 on the way. When Microsoft releases a new major update to Windows 11, the company wants you to update your computer, and therefore quickly deprecates the previous versions. In a relatively rare move, Microsoft is rolling out a few updates to Windows 11 23H2 and 22H2. Microsoft has released a non-security update for Windows 11 23H2 and Windows 11 22H2. These updates first came out in late 2023 and late 2022, respectively. 22H2 was deprecated last year, in October 2024, while 23H2 is scheduled to reach end-of-life on November 11 this year. So it's pretty surprising to see Microsoft release updates for these two versions in the first place, and the fact that they're feature updates rather than just security updates adds to the weirdness. So what's exactly in this update? For one, Microsoft is adding the Win + C shortcut, which fires up Copilot, to these two older versions. Because your operating system might be deprecated, but Microsoft doesn't want you to miss out on easier ways to access Copilot. I wouldn't be surprised if this is the reason Microsoft wanted to roll out this particular update to older versions. When the company wants to push something to users, it goes all the way. In case you don't remember, back when Microsoft released the Chromium-based version of Microsoft Edge, the company famously pushed the update to Windows 8.1 and Windows 7 users, despite the fact Windows 7 was not receiving updates anymore. It's not the only addition, at least. Microsoft has added a new FAQs section directly within the OS' settings menu. By going under System and then on the About page, this section can give you a few quick answers to commonly asked questions regarding your PC and the Windows 11 operating system itself. Another user-facing improvement focuses on file sharing. When you drag a local file from File Explorer or the desktop, a new tray interface will now appear at the top of the screen. This will display suggested applications for quickly sharing or opening the file. If the app you're looking for isn't immediately suggested, you can select a "More" option, which will then open the standard Windows share window to give you more options for sharing or opening. Your best course of action is to take the 24H2 update now. It's free, it will give you a lot more features, and it will keep your PC safe for another year. 25H2 is also getting close. This is a preview update, and a more finalized version should roll out to your computer within the next few weeks if you have one of these versions. Source: Microsoft
Tom's Guide
15-05-2025
- Tom's Guide
Google just fixed a high-severity Chrome flaw that can be used to take over your account — update right now
If you've been holding off on updating your browser, now is the time to do so as a new set of emergency security updates for Chrome include fixes for a high-severity vulnerability that can be used by hackers to take over your Google account. As reported by BleepingComputer, these new security updates patch a total of 4 flaws, though one is particularly worrying due to the fact that it has been actively exploited by hackers in the wild. The vulnerability in question (tracked as CVE-2025-4664) was discovered by a security researcher at Solidlab that described it as an insufficient policy enforcement in Chrome's Loader component. If exploited, it could allow remote attackers to leak cross-origin data by leading potential victims to malicious sites. In a post on X, Solidlab's Vsevolod Kokorin explained that the flaw can be used to gain access to query parameters which can contain sensitive data. For instance, if someone is using the OAuth authorization framework, the data in a query parameter can be stolen and used to perform an account takeover. According to a security advisory from Google, the search giant is aware that an exploit for this flaw exists in the wild. This means that hackers could already be using it in their attacks. Fortunately though, it has now been patched in a series of Chrome security updates that will roll out to all users in the coming days and weeks. Just like with the best phones, the easiest way to keep Google Chrome and other Chromium-based browsers like Microsoft Edge, Opera, Brave and Vivaldi safe from hackers is to ensure that you install updates as soon as they become available. Chrome makes it very simple to know when an update is available as Google uses a color-coded warning system. If you take a look at your profile picture, a bubble will appear next to it when there's an update for the browser. This bubble will be green for a 2-day-old update, orange for a 4-day-old update and red when an update was released a week ago. Get instant access to breaking news, the hottest reviews, great deals and helpful tips. If you don't want to wait for an update to appear, you can also manually update Chrome by clicking on the three-dot menu in the upper right-hand corner of your browser. From there, you need to open Settings and then go to About Chrome. If an update is ready to be installed, Chrome will automatically begin downloading it, and it will be applied the next time you restart your browser. Besides keeping your browser updated regularly, you also want to be careful when installing new extensions. Malicious browser extensions are one of the main tools that hackers use to steal sensitive browser data like passwords. For this reason, you want to avoid installing unnecessary extensions and audit the extensions you do have installed from time to time. If you haven't used an extension recently, it's best to uninstall it because just like the apps on your phone, good browsers extensions can turn bad when injected with malicious code. As for keeping your computer safe from malware and other cyberattacks, you want to make sure that you're using the best antivirus software on your Windows PC or the best Mac antivirus software on your Apple computer. For even more protection though, you might also want to consider signing up for one of the best identity theft protection services since they can help you recover your identity if it's stolen as well as get back any funds lost to fraud. Google frequently updates Chrome to fix security flaws like the one described above. However, it's up to you to keep your browser updated when patches do become available. If you regularly update your browser and avoid clicking on links in messages and emails from unknown senders, you should be able to stay safe online.
Yahoo
24-04-2025
- Business
- Yahoo
Perplexity Would Also Consider Buying Google's Chrome, Raises Concerns About OpenAI's Bid
On the second day of Google's landmark antitrust search trial, AI startup Perplexity told the court it would consider buying Chrome-but would rather Google retain the open-source browser over seeing it fall into the hands of a company like OpenAI. Although it's unclear how Perplexity would be able to afford the browser. When asked whether Perplexity believes any company other than Google could run Chrome at scale-without sacrificing quality or charging people, Perplexity's chief business officer Dmitry Shevelenko said "I think we could do it."Shevelenko raised red flags about the future of Chromium, Google's open-source browser base, if OpenAI were to snap up Chrome in a court-ordered divestiture, (OpenAI exec Nick Turnely, who testified earlier in the week, said the company would be interested in Chrome in the event of a spin off). In the event of a forced sell off, Perplexity is working on its own workaround. The company plans to launch Comet, a Chromium-based browser it's building in-house. Shevelenko said that Google makes strong products that others can iterate on, and Perplexity doesn't want a remedy that "cripples Google's ability to keep doing that." However, he also didn't hold back on sharing his complaints of the tech giant having exclusive agreements with mobile carriers. "There's all the self-serving incentive to be here today and shout about how evil Google is, and I think we want to be reasonable," Shevelenko said, per The Verge. DOJ Accuses Google of Using Search Monopoly Tactics To Push AI Product Gemini This isn't the first time Perplexity has thrown its hat in the ring for a big tech castoff. The AI startup has also floated the idea of buying TikTok, the social giant currently staring down a potential U.S. ban over its ties to China-based ByteDance. Perplexity isn't just worrying about Chrome. Shevelenko testified that Google's ironclad distribution deals with phone makers and carriers have boxed his company out of similar partnerships. Meanwhile, The Justice Department is urging the court to unwind those deals as part of its remedies to break up Google's illegal search monopoly. Perplexity's Next Bet? An AI-Driven Browser Called Comet Shevelenko-who had initially hesitated to testify due to concerns about potential repercussions from Google-didn't shy away from detailing his complaints. He walked the court through the cumbersome process of setting Perplexity as the default AI assistant on Android, admitting he even needed help from a colleague. He added that even after completing the process, Perplexity's assistant still doesn't operate on equal footing with Google's-requiring people to manually activate it, per The Verge. Shevelenko also said that Perplexity had engaged with a list of anonymized phone makers in an attempt to strike a deal to have its AI search preloaded as the default in the U.S. However, he said, the company was unable to reach any agreements. The phone makers, he explained, were wary of jeopardizing their share of Google's revenue by breaking existing deals. Apple's Search Deal Is Critical to Google. The Courts May Rule It Illegal
Fox News
24-04-2025
- Fox News
Browser extensions put millions of Google Chrome users at risk
Browser extensions can be a great way to boost your productivity while browsing. Chrome, which is the most popular browser out there, supports a wide range of extensions, and so do other Chromium-based browsers. However, these extensions are not always beneficial. While many are helpful for blocking ads, finding the best deals or checking grammar errors, some can end up doing more harm than good. I recently reported on a group of malicious extensions that were stealing user data, and now a new report has flagged 35 more suspicious ones. These browser extensions request unnecessary permissions and have been reported to collect and share everything you do online. Join the FREE "CyberGuy Report": Get my expert tech tips, critical security alerts and exclusive deals, plus instant access to my free "Ultimate Scam Survival Guide" when you sign up! A recent investigation by John Tuckner, founder of Secure Annex, revealed concerns about 35 Chrome extensions, posing potential privacy and security risks. These extensions, many unlisted on the Chrome Web Store, were collectively installed over 4 million times. Many of these sketchy extensions presented themselves as tools for search assistance, ad-blocking, security monitoring or extension scanning but shared a connection to a single, unused domain, suggesting coordinated behavior. They all use the same code patterns, connect to some of the same servers and require the same list of sensitive systems permissions, including the ability to interact with web traffic on all URLs visited, access cookies, manage browser tabs and execute scripts. What's more concerning is that at least 10 of these extensions carried Google's "Featured" badge, implying vetting for trustworthiness. This raises questions about Google's review process, as the badge suggests compliance with high standards for user experience, privacy and security. The main concern is the level of access these extensions quietly request and how they use it. With permissions to read tabs, access cookies, intercept web requests and inject scripts into pages, they can monitor nearly everything you do in your browser. This includes tracking your browsing activity, observing login sessions and altering the content of websites you visit, all without your knowledge. These extensions are not simply misconfigured tools. They appear to be intentionally designed with surveillance in mind. Many store their configuration data locally, which allows remote servers to update their behavior at any time. This setup is commonly seen in spyware, where changes can be made after installation without alerting the user. The code is heavily obfuscated, making it difficult for researchers to understand what the extensions are actually doing. In some cases, the extensions appear to do nothing at all when clicked. However, they continue to send data in the background. For instance, the Fire Shield Extension Protection remained inactive until the researcher manually triggered it with a specific extension ID. Only then did it begin to transmit browsing activity and other data, revealing behavior that would be hard for an average user to detect. The 35 extensions are not publicly searchable on the Chrome Web Store, meaning they can only be installed via direct URLs. The full list of extensions is: If you have installed one of the above-mentioned extensions on your browser, remove it as soon as possible. To remove an extension from Google Chrome on a desktop, follow these steps: If you're worried about the above extensions, here are five ways to safeguard your sensitive information and maintain your online privacy. 1) Keep your browser up to date: Chrome gets regular updates that get rid of most security issues. Make sure you turn on automatic updates for your browser (e.g., Chrome, Firefox, Edge) so you're always running the latest version without thinking about it. See my guide on keeping your devices and apps updated for more information. 2) Install extensions only from trusted sources: Official browser stores like the Chrome Web Store have rules and scans to catch bad actors. They're not perfect, but they are still a better option when compared to a random website on the internet. Extensions from unknown websites or third-party downloads are far more likely to hide malware or spyware. 3) Have strong antivirus software: A good antivirus can warn you before you install malicious software, such as sketchy browser extensions. It can also alert you to phishing emails and ransomware scams, helping keep your personal information and digital assets safe. Get my picks of the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 4) Be skeptical of extensions requesting unnecessary access: Some extensions overreach on purpose. A calculator tool asking for your browsing history or a weather app wanting your login data is a huge red flag. Before installing, ask, "Does this permission match the extension's job?" If the answer's no, don't install it. Watch out for broad permissions like "Read and change all your data on websites you visit" unless it's clearly justified (e.g., a password manager). If an update suddenly adds new permission requests, dig into why. It might mean the extension has been sold or hacked. 5) Change your passwords and do it safely: If you've ever saved passwords in your browser (e.g., via Chrome's built-in password manager or the "Save Password" prompt), those credentials could be at risk if a malicious extension was installed. These built-in managers store passwords locally or in your Google, Microsoft or Firefox account, and a compromised browser can give bad actors a way in. This doesn't typically apply to dedicated password manager extensions, which encrypt your data independently and don't rely on browser storage. However, if you're unsure whether an extension has been compromised, it's always smart to update your master password and enable two-factor authentication. For maximum safety, change your most important passwords (email, bank, shopping, cloud services) from a different, secure device, such as your phone or another computer, where the questionable extension was never installed. Avoid using the same browser that may have been exposed. Then consider switching to a password manager to create and store strong, unique logins going forward. I've reviewed the top options in my best password managers of 2025 guide. See which one fits your needs best. The fact that several of these extensions carried Google's own "Featured" badge should serve as a wake-up call. It points to a serious lapse in oversight and raises concerns about how thorough Chrome's extension review process actually is. When millions of users unknowingly install spyware under the impression that it has been vetted and approved, the issue is no longer just about bad actors. It reflects a deeper failure within the platform itself. Google needs to take stronger responsibility by improving transparency and tightening its review standards. Do you think browser makers like Google should be held more accountable for what gets published in their stores? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Follow Kurt on his social channels: Answers to the most-asked CyberGuy questions: New from Kurt: Copyright 2025 All rights reserved.
