Google is urging Chromebook users to update devices

D

DelJo63

ZDNet.com is disclosing a vulnerability impacts the Chrome OS feature known as the "built-in security key." The feature works by allowing users to use a Chromebook device similar to a hardware-based USB/NFC/Bluetooth security key. Google engineers discovered a vulnerability in the firmware of H1 chips, which are used to process the cryptographic operations part of the "built-in security key" feature. As a result, Google says that attackers who obtain "a single pair of signature and signed data" can fake the user's security key without having access to the user's Chrome OS device.

Firmware fix available, see the article referenced above for details
 
You must log in or register to reply here.

Similar threads

Daniel Sims
LG TV owners should update their firmware, webOS vulnerability found in a few models
Replies
8
Views
113
subnex
S
Daniel Sims
Unpatchable Apple Silicon vulnerability could leak encryption keys
Replies
15
Views
253
Dreadcthulhu
D
D
Google Chrome gets real-time phishing and malware protection with upgraded Safe Browsing...
Replies
7
Views
235
Evrsr
E

Latest posts

Back