American News Group

Google patched a major zero-day vulnerability in Chrome — update now

Yesterday, Chrome was patched to fix a major vulnerability discovered by researchers, which was actively exploited in the wild. Precise details aren’t known right now, but an update rolled out for Chrome yesterday, and you’d be wise to install it as soon as you can.

Google isn’t explaining too much about how this vulnerability works “until a majority of users are updated,” and the corresponding item in the bug tracker is currently locked down. But security researcher Mattias Buelens reported a heap buffer overflow in the Chrome V8 Javascript engine, which has been patched in the latest v88.0.4324.150 release for the Stable channel. And this wasn’t just some hypothetical exploit; it was actively being used in the wild.

According to ZDNet, this may be tied to a vulnerability that security researchers themselves may have fallen victim to, which allowed malware to be run on their systems.

Whatever the precise cause, Google is very clear that this exploit was actively being used on the internet, and you should probably update your computer ASAP. To trigger an update manually on most platforms, you can open the three-dot menu and go to Help -> About, and the page there allows you to trigger a check or install an update if one is already downloaded.

Exit mobile version