Sabon sabuntawar Chrome yana gyara kwari uku masu mahimmanci

Google ya fitar da sabon sabuntawar gaggawa na burauzar Google Chrome dinka, wacce sabon sigar 79.0.3945.130 ya zo ne don magance matsaloli uku wanda aka kasida kamar yadda sukar lambobi kuma ɗayan ɗayan yana jawabi ne ga daya cewa Microsoft gyara wani kwaro mai hatsarin gaske wanda zai ba maharin damar yin amfani da takardar shaida ta hanyar yin hakan daga asalin abin dogaro.

Tunda Hukumar Tsaro ta Kasa (NSA) ta sanar da Microsoft game da rauni Yana shafar Windows 10, Windows Server 2016, Windows Server 2019, da kuma Windows Server version 1803, a cewar wani rahoto daga hukumar gwamnati.

Game da tsayayyen kwari

Laifin ya shafi ɓoye bayanan sa hannu na dijital amfani dashi don gaskata abun ciki, gami da software ko fayiloli. Idan ya fashe, wannan aibi na iya bada izini ga mutane marasa niyya aika abun ciki mai cutarwa tare da sa hannu na karya wanda yasa ya zama mai lafiya.

Abin da ya sa kenan Google ya fitar da sabuntawa da Chrome 79.0.3945.130, wanda yanzu zai gano takaddun shaida da ke ƙoƙarin yin amfani da yanayin rauni CryptoAPI Windows CVE-2020-0601 da NSA ta gano.

Kamar yadda aka riga aka ambata, yanayin rauni ya ba maharan damar ƙirƙirar TLS da takaddun shaida na sanya hannu waɗanda ke kwaikwayon wasu kamfanoni don aiwatar da hare-hare a cikin-mutum ko ƙirƙirar shafukan yanar gizo.

Yayinda aka riga an saki PoCs da ke amfani da raunin CVE-2020-0601, mai wallafa ya yi imanin cewa lokaci ne kawai kafin maharan su fara ƙirƙirar takaddun jabu cikin sauƙi.

Chrome 79.0.3945.130saboda haka ya zo don kara tabbatar da amincin takardar shaidar gidan yanar gizo kafin ba da izinin baƙo don shiga shafin. Ryan Sleevi na Google ya ƙara lambar don tabbatar da sa hannu sau biyu akan tashoshin da aka tabbatar.

Wata matsala kuma masu sukar da aka gyara tare da wannan sabon sigar, rashin nasara ne wanda ke ba da damar duk matakan kewaya na'urar bincike lambar gudu akan tsarin, daga shingen aminci da muhalli.

Ba a bayyana cikakken bayani game da mawuyacin yanayin raunin ba (CVE-2020-6378), kawai an san cewa yana faruwa ne ta hanyar kira zuwa ga ƙwaƙwalwar ajiyar da aka riga aka 'yanta a ɓangaren fahimtar magana.

Wani matsalar rauni ya warware (CVE-2020-6379) Har ila yau yana hade da kiran ƙwaƙwalwar ƙwaƙwalwar ajiya an riga an sake (Amfani-bayan-kyauta) a cikin lambar gane magana.

Duk da yake batun ƙananan tasiri (CVE-2020-6380) ana haifar da shi ta hanyar kuskuren bincika saƙonnin plugin.

A karshe Sleevi ta yarda cewa wannan matakin sarrafawar ba cikakke bane, amma ya isa wannan lokacin yayin da masu amfani ke aiwatar da abubuwan tsaro ga tsarin aikin su kuma Google na tafiya zuwa ga masu tantancewa.

Ba cikakke bane, amma wannan binciken tsaro ya isa, lokaci yayi da zamu ci gaba zuwa wani mai tantancewa ko kuma ƙarfafa toshe hanyoyin 3P, koda na CAPI.

Idan kanaso ka kara sani game dashi Game da sabon sabuntawar gaggawa da aka saki don mai bincike, zaku iya bincika bayanan A cikin mahaɗin mai zuwa.  

Yadda ake sabunta Google Chrome a cikin Ubuntu da abubuwan banbanci?

Domin sabunta mai binciken zuwa sabon sigar, Ana iya aiwatar da aikin ta hanyoyi biyu daban-daban.

Na farkonsu kawai ana aiwatar da ingantaccen sabuntawa da haɓakawa daga tashar (wannan la'akari da cewa kun sanya shigarwar burauzar tana ƙara ajiyarta zuwa tsarin).

Don haka don aiwatar da wannan aikin, kawai bude tashar (zaka iya yin shi tare da gajeren hanyar keyboard Ctrl + Alt T) kuma a ciki zaku rubuta waɗannan umarnin:

sudo apt update

sudo apt upgrade

FinalmenteSauran hanyar ita ce idan kun shigar da burauzar daga kunshin bashi cewa za ka zazzage daga shafin yanar gizon mai bincike.

A nan dole ne ku sake shiga cikin wannan tsari kuma, na zazzage .deb kunshin daga gidan yanar gizon sannan sanya shi ta hanyar manajan kunshin dpkg.

Kodayake ana iya yin wannan aikin daga tashar ta hanyar aiwatar da waɗannan umarnin:

wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

sudo dpkg -i google-chrome * .deb

sudo apt-get install -f

Kasance na farko don yin sharhi

Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.