Google issues urgent warning to millions of Chrome browser users over security flaw

News

Google has released an urgent update to plug a previously undiscovered security flaw that has left users of its Chrome browser open to attack from hackers.

Google have reportedly acknowledged that this vulnerability is being actively exploited but have kept quiet on specific details to prevent further abuse.

All we know is that the flaw, which has been classed as ‘high-severity’, concerns a type confusion bug in the V8 JavaScript engine, reports the Hacker News website.

This type of exploit could allow hackers access to an unprotected computer where they could do things like access protected memory, cause a crash or run malicious code.

The search giant isn’t revealing the exact nature of the security risk until more people have downloaded the security update, in order to stop it being further exploited by bad actors.

In a brief post announcing the discovery of the bug, Google said: “Access to bug details and links may be kept restricted until a majority of users are updated with a fix.

“We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

The bug was discovered by Clement Lecigne of Google’s Threat Analysis Group (TAG) on November 29, 2022.

According to the Hacker News website, this is the ninth zero-day flaw attackers have exploited in the wild in 2022 for Chrome.

A zero-day threat is a vulnerability that has been discovered recently by the companies in charge of the software but is not yet fixed – meaning they have “zero days” in which to fix it.

A new patch for the browser was also released just days ago which contained fixes for 28 security issues. However the company has been forced to release another ‘out-of-band’ security update to fix this most recent flaw.

Chrome should automatically update for most people but if you want the new security fix as fast as possible you can download it straight away if you like.

You can do this by opening the three dot Chrome menu in the top right and going to ‘Settings’.

Find ‘About Chrome’ and it’ll check for the latest update.