Home > Cyber News > The next Google Chrome Update May Break Your Site
CYBER NEWS

The next Google Chrome Update May Break Your Site

by   |  Last Update:  |  0 Comments  

Google Chrome image

The upcoming version of the Google Chrome web browser will include a new security check labelling old security certificates as non-trusted. This poses a serious issue as many of the top 1 million sites are still using them. Many of these addresses are home to government sites, enterprise home pages and etc.




Google Chrome Update May Label Top Sites as Unsafe

A security researcher has discovered that a very large part of the top 1 million sites are using old certificates issued before June 2016 are to become non-trusted by the next version of Google Chrome. The next version of the browser is scheduled to be released in the middle of this month and it will mark these sites as non-trusted. This is a very dangerous situation as it can confuse ordinary Internet users that are accessing company sites into believing that they are the target of a phishing scam attack.

Google Chrome will not block the sites but present various notifications and pop-ups warning the users that they are not safe. The reason for this is that these certificates are not deemed secure enough. The announcement about this process was posted by both Mozilla and the Google team because Symantec was distrusted as a certificate authority. Following the responses from the developers Symantec sold their security certificates division to DigiCert which is another provider.

Related Story: Consumer Version of Google+ Will Be Shut down After User Data Leak

The site operators that use the old Symantec certificates will need to transition to another certificate in order to remain marked as “safe” when the update rolls out. It is planned that the stable version of Chrome 70 will be released in the coming weeks of October 2018. Its beta version includes code that removes the trust flag in the old Symantec-rooted infrastructure. The release notes indicate that the TLS certificates issued by the old infrastructure will be affected with no regard of the issuance date.

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts

Follow Me:
Twitter

Related posts:
  1. Symantec Products Guilty of Charge of Multiple Severe Flaws Tavis Ormandy has found and reported multiple vulnerabilities in Symantec’s...
  2. Here’s Everything You Should Know About SSL in 2019 Do you wonder what an SSL certificate is? And why...
  3. Symantec/Norton CVE-2016-2208 Flaw Causes Remote Memory Corruption Software products are not perfect and can be full of...
  4. Complete Break of Libgcrypt RSA-1024: CVE-2017-7526, CVE-2017-9526 Are you a Linux user? Make sure to check whether...
  5. Apple Revokes Facebook’s Distribution Certificate, Is Google Next? Apple and Facebook are making the headlines once again with...
  6. Beware of CVE-2017-6326, RCE Bug in Symantec Messaging Gateway Symantec just fixed three flaws (CVE-2017-6326, CVE-2017-6324, CVE-2017-6325) in the...
  7. Valid D-Link Certificate Used by Plead Malware Campaigns A new malware campaign leveraging stolen digital certificates has been...
  8. Chrome 56 Update Issue Doesn’t Stem from Google but from BlueCoat Problems were reported with Google Chrome’s latest update. More particularly,...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree