Multi-Factor Authentication (MFA) is one of the most critical security controls that companies can deploy to protect against stolen and guessed password abuse. Receiving MFA one-time passcodes through SMS text messages is the simplest but also the least secure implementation because an attacker can intercept or divert text messages. Binary Defense recommends using authenticator apps to generate one-time passcodes on mobile devices without using SMS. As this patch also fixed a few critical/high vulnerabilities, Binary Defense recommends updating all devices as soon as possible. Chrome should update automatically on desktop machines, but mobile devices may need to be configured for automatic updates through the App Store or Play Store. Attackers often make use of unpatched browsers to exploit endpoints in “drive-by downloads” using exploit kits hiding in advertising or website content that appear safe. This attacker focus on exploitation of web browsers is the reason why automatic updates are now the default configuration for most web browsers.
https://www.zdnet.com/article/chrome-84-released-for-blocking-notification-popups-on-spammy-sites/