March 27, 2022
We wish to bring to your attention that on Friday (March 25, 2022) Google has issued an emergency security update for all Chrome users as it confirms that attackers are already exploiting a high severity zero-day vulnerability.
The emergency update to version 99.0.4844.84 of Chrome is highly unusual in that it addresses just a single security vulnerability. A fact that only goes to emphasize how serious this one is.
Due to the wide distribution of chrome browser, we highly recommend updating the applicable patches to your organization as soon as possible, i.e., enforce the update and required start-up for all workstations asap.
We want to stress the importance of implementing appropriate patching procedures and policies alongside ongoing controls to ensure the execution of those patching policies – any such patch release is usually followed by cyber-attacks and malware tools trying to exploit the published vulnerability.
Implementing a straightforward patching policy is not only a common security standard but also a legal obligation under the Israeli Security Regulations, the GDPR, and HIPAA.
If you have any questions or required clarifications, our privacy-cyber team, including cyber experts, will be happy to assist.
APM Privacy and Cyber Team.