{"id":9418,"date":"2021-03-16T15:16:55","date_gmt":"2021-03-16T12:16:55","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=9418"},"modified":"2021-03-16T15:16:55","modified_gmt":"2021-03-16T12:16:55","slug":"google-chrome-cve-2021-21193","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/google-chrome-cve-2021-21193\/9418\/","title":{"rendered":"Google Chrome&#8217;unuzu bir an \u00f6nce g\u00fcncelleyin!"},"content":{"rendered":"<p>Google Chrome\u2019daki ciddi bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n kapat\u0131lmas\u0131 i\u00e7in taray\u0131c\u0131n\u0131n acilen g\u00fcncellenmesi gerekiyor. Chrome\u2019u g\u00fcncellemekten b\u0131km\u0131\u015f olabilirsiniz (acilen yap\u0131lmas\u0131 gerekti\u011fi s\u00f6ylenen son g\u00fcncellemeyi <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/update-google-chrome-to-8804324150\/9294\/\" target=\"_blank\" rel=\"noopener\">daha ge\u00e7en ay yapm\u0131\u015ft\u0131k<\/a>), ancak yine bunu yapmam\u0131z gereken zaman\u0131 geldi ve bu defa iyi bir nedeni de var: Siber su\u00e7lular bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan faydaland\u0131 bile!<\/p>\n<h2>CVE-2021-21193 nedir?<\/h2>\n<p>Google, 12 Mart tarihinde Chrome i\u00e7in bir kararl\u0131l\u0131k s\u00fcr\u00fcm\u00fc olan 89.0.4389.90\u2019\u0131 <a href=\"https:\/\/chromereleases.googleblog.com\/2021\/03\/stable-channel-update-for-desktop_12.html\" target=\"_blank\" rel=\"noopener nofollow\">yay\u0131nlad\u0131<\/a>. Bu s\u00fcr\u00fcmle birlikte \u00fc\u00e7\u00fc y\u00fcksek \u00f6nem derecesine sahip be\u015f g\u00fcvenlik a\u00e7\u0131\u011f\u0131na yama uygulad\u0131. Bu g\u00fcvenlik a\u00e7\u0131klar\u0131ndan biri olan <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=2021-21193\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2021-21193<\/a>\u2018\u00fc biraz daha yak\u0131ndan incelememiz gerekiyor. S\u00f6z konusu g\u00fcvenlik a\u00e7\u0131\u011f\u0131, HTML kodunu tarama yapmaya al\u0131\u015f\u0131k oldu\u011funuz iyi tasarlanm\u0131\u015f internet sayfalar\u0131na d\u00f6n\u00fc\u015ft\u00fcrmekten sorumlu olan Google Chrome\u2019un taray\u0131c\u0131 motoru Blink\u2019te yer al\u0131yor.<\/p>\n<p>G\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/use-after-free\/\" target=\"_blank\" rel=\"noopener\">use-after-free<\/a> olmas\u0131 Blink\u2019in bellek temizlemede sorun ya\u015fad\u0131\u011f\u0131 anlam\u0131na geliyor. Use-after-free g\u00fcvenlik a\u00e7\u0131klar\u0131na y\u00f6nelik ger\u00e7ekle\u015ftirilen sald\u0131r\u0131lar\u0131n tipik sonu\u00e7lar\u0131 aras\u0131nda veri bozulmas\u0131 ve rastgele kod y\u00fcr\u00fctme yer alsa da, bu vakada ger\u00e7ekte ne oldu\u011funa dair herhangi bir bilgi yok. Genellikle Google, bir konuyla ilgili daha fazla ayr\u0131nt\u0131 vermeden \u00f6nce \u00e7o\u011fu Chrome kullan\u0131c\u0131s\u0131n\u0131n taray\u0131c\u0131lar\u0131n\u0131 g\u00fcncellemesini bekler.<\/p>\n<p>\u0130simsiz bir g\u00fcvenlik ara\u015ft\u0131rmac\u0131s\u0131n\u0131n 9 Mart\u2019ta CVE-2021-211193 g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 bildirmesinin ard\u0131ndan Google sadece \u00fc\u00e7 g\u00fcn i\u00e7inde aceleyle bir yama yay\u0131nlad\u0131. Bu tela\u015f, g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan ger\u00e7ek d\u00fcnyada faydalan\u0131lm\u0131\u015f olmas\u0131na ba\u011flanabilir \u00e7\u00fcnk\u00fc doland\u0131r\u0131c\u0131lar s\u00f6z konusu g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 \u00e7oktan istismar ettiler. Herkesin Google Chrome\u2019unu bir an \u00f6nce g\u00fcncellemesi i\u00e7in bu ba\u015fl\u0131 ba\u015f\u0131na yeterli bir sebep.<\/p>\n<h2>Google Chrome\u2019unuza yama uygulamak i\u00e7in ne yapmal\u0131s\u0131n\u0131z?<\/h2>\n<p>Google, s\u00f6z konusu g\u00fcncellemeyi 12 Mart\u2019ta kullan\u0131ma sunmaya ba\u015flad\u0131, ancak taray\u0131c\u0131n\u0131z\u0131n sa\u011f \u00fcst k\u00f6\u015fesinde yer alan g\u00fcncelleme butonunu g\u00f6rmeniz birka\u00e7 g\u00fcn s\u00fcrebilir. Ancak s\u00fcreci h\u0131zland\u0131rmak istiyorsan\u0131z, g\u00fcncellemeyi manuel olarak yapabilirsiniz.<\/p>\n<p>Bunun i\u00e7in Chrome\u2019da, men\u00fc (\u00fc\u00e7 nokta) butonuna t\u0131klaman\u0131z ve &lt;em&gt;<em>Ayarlar<\/em> \u2014&gt; <em>Google Chrome Hakk\u0131nda&lt;\/em&gt;<\/em>\u2018y\u0131 se\u00e7meniz yeterli. Taray\u0131c\u0131n\u0131z\u0131n s\u00fcr\u00fcm\u00fc 89.0.4389.90 veya daha yeni olarak g\u00f6r\u00fcn\u00fcyorsa, bu, zaten yama uygulanm\u0131\u015f bir s\u00fcr\u00fcm kulland\u0131\u011f\u0131n\u0131z anlam\u0131na gelir. Ancak daha eski bir s\u00fcr\u00fcme sahipseniz, taray\u0131c\u0131 sizden kendini g\u00fcncellemesine izin vermenizi isteyecek ve taray\u0131c\u0131y\u0131 yeniden ba\u015flatmas\u0131 gerekecek. Bu durumda, Chrome yeniden a\u00e7\u0131ld\u0131\u011f\u0131nda, taray\u0131c\u0131 kapanmadan \u00f6nce halihaz\u0131rda a\u00e7\u0131k olan t\u00fcm sekmelerinizi (Gizli sekmeler hari\u00e7) otomatik olarak geri y\u00fckleyecek.<\/p>\n<p><strong><input type=\"hidden\" class=\"category_for_banner\" value=\"ksos\"><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>K\u00f6t\u00fc niyetli ki\u015filer, Google Chrome&#8217;daki bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan zaten faydalanm\u0131\u015ft\u0131. Bu nedenle, t\u00fcm kullan\u0131c\u0131lar\u0131n taray\u0131c\u0131lar\u0131n\u0131 89.0.4389.90 s\u00fcr\u00fcm\u00fcne g\u00fcncellemesi gerekiyor.<\/p>\n","protected":false},"author":675,"featured_media":9419,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727,1351],"tags":[16,22,503,2380],"class_list":{"0":"post-9418","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"category-threats","11":"tag-chrome","12":"tag-google","13":"tag-guvenlik-acigi","14":"tag-use-after-free"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/google-chrome-cve-2021-21193\/9418\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/google-chrome-cve-2021-21193\/22610\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/google-chrome-cve-2021-21193\/18104\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/google-chrome-cve-2021-21193\/24347\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/google-chrome-cve-2021-21193\/22423\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/google-chrome-cve-2021-21193\/21336\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/google-chrome-cve-2021-21193\/24895\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/google-chrome-cve-2021-21193\/24169\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/google-chrome-cve-2021-21193\/30275\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/google-chrome-cve-2021-21193\/39013\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/google-chrome-cve-2021-21193\/16558\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/google-chrome-cve-2021-21193\/17140\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/google-chrome-cve-2021-21193\/14575\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/google-chrome-cve-2021-21193\/26346\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/google-chrome-cve-2021-21193\/30210\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/google-chrome-cve-2021-21193\/26794\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/google-chrome-cve-2021-21193\/23656\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/google-chrome-cve-2021-21193\/28990\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/google-chrome-cve-2021-21193\/28793\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/chrome\/","name":"Chrome"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/9418","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/675"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=9418"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/9418\/revisions"}],"predecessor-version":[{"id":9420,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/9418\/revisions\/9420"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/9419"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=9418"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=9418"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=9418"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}