I-Google ikhiphe isibuyekezo esisha sesimo esiphuthumayo yesiphequluli sakho se-Google Chrome, lapho inguqulo entsha i-79.0.3945.130 ifika ukuze ixazulule izingcuphe ezintathu ezazabhalwa njenge ukugxekwa futhi okukodwa okubhekiswe kukho eyodwa ukuthi Microsoft ilungise isiphazamisi esingaba yingozi esizovumela umhlaseli ukuba aphazamise isitifiketi ngokuzenza sengathi sivela kumthombo othembekile.
Njengoba iNational Security Agency (NSA) yazise iMicrosoft ngobungozi Ithinta Windows 10, Windows Server 2016, Windows Server 2019, kanye neWindows Server version 1803, ngokusho kombiko ovela ku-ejensi kahulumeni.
Mayelana nezimbungulu ezihleliwe
Iphutha lithinte ukubethelwa kwamasiginesha edijithali esetshenziselwa ukuqinisekisa okuqukethwe, kufaka phakathi isoftware noma amafayela. Uma iqhuma, leli phutha lingavumela kubantu abanezinhloso ezimbi thumela okuqukethwe okunonya ngamasiginesha mbumbulu okwenza kubonakale kuphephile.
Kungakho I-Google ikhiphe isibuyekezo kusuka ku-Chrome 79.0.3945.130, manje ezothola izitifiketi ezizama ukusebenzisa ubungozi I-CryptoAPI Windows CVE-2020-0601 etholwe yi-NSA.
Njengoba sekushiwo, ukuba sengozini kuvumela abahlaseli ukuthi benze i-TLS nezitifiketi zokusayina amakhodi ezizenza ezinye izinkampani zenze ukuhlasela kwabantu abaphakathi noma ukudala amasayithi wobugebengu bokweba imininingwane ebucayi.
Njengoba ama-PoCs asebenzisa ubungozi be-CVE-2020-0601 asevele akhishiwe, umshicileli ukholelwa ukuthi kuyisikhathi nje kuphela ngaphambi kokuba abahlaseli baqale ukudala kalula izitifiketi zomgunyathi.
I-Chrome 79.0.3945.130ngalokho iza ukuzoqhubeka nokuqinisekisa ubuqotho besitifiketi sewebhusayithi ngaphambi kokugunyaza isivakashi ukuthi singene kusayithi. URyan Sleevi wakwaGoogle ungeze ikhodi yokuqinisekiswa kwesiginesha ephindiwe eziteshini eziqinisekisiwe.
Enye inkinga abagxeki abalungiswe ngale nguqulo entsha, kube ukwehluleka okuvumela wonke amazinga ukudlula kokuphepha kwesiphequluli run ikhodi kusistimu, ngaphandle kwendawo ebiyelwe ephephile nemvelo.
Imininingwane emayelana nokuba sengozini okubucayi (i-CVE-2020-6378) isazokwembulwa, kwaziwa kuphela ukuthi kubangelwa wukushayelwa kwenkumbulo esivele ikhululiwe engxenyeni yokuqashelwa kwenkulumo.
Okunye ukuba sengozini kuxazululiwe (I-CVE-2020-6379) ihlotshaniswa nocingo lwe-memory block isivele ikhishiwe (Sebenzisa-ngemuva-kwamahhala) kukhodi yokubona inkulumo.
Ngenkathi inkinga yomthelela omncane (i-CVE-2020-6380) ibangelwa yiphutha ekuhloleni imilayezo ye-plugin.
Ekugcineni uSleevi uvumile ukuthi le ndlela yokulawula ayiphelele, kepha yanele okwamanje njengoba abasebenzisi basebenzisa izibuyekezo zokuphepha zezinhlelo zabo zokusebenza nokuthi iGoogle iqhubekela kubaqinisekisi abangcono.
Ayiphelele, kepha lokhu kuhlolwa kokuphepha kwanele, yisikhathi sokuthi sithuthele kwesinye isiqinisekisi noma siphoqelele ukuvinjelwa kwamamojula we-3P, noma ngabe yi-CAPI.
Uma ufuna ukwazi kabanzi ngayo Mayelana nokuvuselelwa okusha okuphuthumayo okukhishwe isiphequluli, ungabheka imininingwane Kulesi sixhumanisi esilandelayo.
Ungayibuyekeza kanjani i-Google Chrome ku-Ubuntu nakwezinye izinto?
Ukuze uvuselele isiphequluli siye kunguqulo entsha, Inqubo ingenziwa ngezindlela ezimbili ezihlukile.
Owokuqala wabo kumane nje kwenza isibuyekezo esikahle kanye nokuthuthuka okufanelekile okuvela esigungwini (lokhu kucatshangelwa ukuthi ukwenze ukufakwa kwesiphequluli sengeza indawo yaso ohlelweni).
Ngakho-ke ukwenza le nqubo, vele uvule ukuphela (ungakwenza ngesinqamuleli sekhibhodi Ctrl + Alt + T) futhi kuzo uthayipha imiyalo elandelayo:
sudo apt update sudo apt upgrade
OkokugcinaEnye indlela uma ufake isiphequluli kusuka kwiphakheji yedebhu okulanda kuwebhusayithi esemthethweni yesiphequluli.
Lapha kufanele ubhekane nenqubo efanayo futhi, yokulanda iphakheji ye-.deb kusuka kuwebhusayithi bese uyifaka ngomphathi wephakheji we-dpkg.
Yize le nqubo ingenziwa kusuka esigungwini ngokwenza imiyalo elandelayo:
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb sudo dpkg -i google-chrome * .deb sudo apt-get install -f