Select Page

You must update your Google Chrome now.

Security researcher Michał Bentkowski discovered and reported a high severity vulnerability in Google Chrome in late May, affecting the web browsing software for all major operating systems including Windows, Mac, and Linux.

Without revealing any technical detail about the vulnerability, the Chrome security team described the issue as incorrect handling of CSP header (CVE-2018-6148) in a blog post published today.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed,” the Chrome security team notes.

Content Security Policy (CSP) header allows website administrators to add an extra layer of security on a given web page by allowing them to control resources the browser is allowed to load.

images from Hacker News