If you're one of the billions who rely on Google Chrome, you'll need to ensure you're running the latest version of the web browser. Google has rolled out a critical update to fix a zero-day flaw in the web browser, which was discovered by security researchers earlier this year.
Most glitches are annoying, but nothing to lose sleep over. What makes so-called "zero-day" flaws so terrifying is these are software bugs already known to hackers and being used to attack users. In other words, it's a race to roll out the update that fixes the flaw before too many people are hit by cybercriminals.
When the emergency patch is released, it's one that you cannot afford to postpone.
That's exactly what's happening to the two billion people who rely on Google Chrome globally. To ensure your data is safely shielded, you'll need to make sure you're running one of the below versions of Chrome:
- Version 123.0.6312.105 on Windows/Mac
- Version 123.0.6312.106 on Windows/Mac
- Version 123.0.6312.107 on Windows/Mac
- Version 123.0.6312.105 on Linux
To check the version of Google Chrome currently installed and running on your device, head to the three-dot menu in the top right-hand corner of the browser window, then select Settings > About Chrome.
If you see one of the numbers above, your machine is protected from the zero-day flaw.
If you see a pending Chrome update, make sure to relaunch your browser so the update is installed.
Security researchers Edouard Bochin and Tao Yan, who work at cybersecurity firm Palo Alto Networks, demoed the flaw in the Google Chrome web browser during the Pwn2Own Vancouver 2024. This annual contest sees researchers and hackers compete to demonstrate bugs and exploits in popular software to earn bounties.
The open-source Chromium code that powers Google Chrome is used by a number of other popular web browsers, including Microsoft Edge, which is why the zero-day flaw also surfaces in that rival app
GETTY IMAGES
The flaw, which also applies to Microsoft Edge since it's built on the same underlying Chromium code that powers Google Chrome, earned the two researchers a whopping $42,500 reward.
LATEST DEVELOPMENTS
- Microsoft will charge you £337 to continue using Windows 10
- Major changes coming to iPlayer in the next year, BBC confirms
- BT could postpone UK landline switch-off by two years
- Google pledges to delete browsing data collected when using Incognito Mode
The zero-day flaw enabled attackers from anywhere in the world to access sensitive information or data stored on your machine using specifically crafted HTML pages. It could also be used to trigger a browser crash.
In total, Google has now issued patches for four zero-day bugs within Chrome so far this year.
