There’s a severe issue plaguing Chrome these days that should be definitely taken care of as soon as possible.
Usually, Google Chrome updates itself quickly and in silence, but now, you want to make sure that you’re using the latest version.
The company just announced a zero-day vulnerability and said that hackers are “actively exploiting.”
Chrome security engineer Justin Schuh detailed in a few tweets that the thing that makes this whole danger different compared to previous exploits which targeted Flash is that the browser needs to be restarted for the fix to go live:
“This newest exploit is different, in that initial chain targeted Chrome code directly, and thus required the user to have restarted the browser after the update was downloaded. For most users the update download is automatic, but restart is a usually a manual action.”
Engadget notes “If you’re on Chrome’s stable channel, then the latest update should install version 72.0.3626.121 with the fix.”
This link has more context on the 0day attack observed against Chrome. Separately, I want to expand on why it was important to call out this attack more prominently than previous 0day attacks against Chrome. [1/3] https://t.co/9rGkXa6BoI
— Justin Schuh 🗑 (@justinschuh) March 7, 2019
Update your operating system
Google has also made sure to alert users that the bug is used with a second exploit that attacks Windows.
According to the tech giant’s blog post, it seems that this may only have an impact on users who are running Windows 7 32-bit systems.
These people are strongly encouraged to upgrade to a newer version of Windows or install the patches that Microsoft will make available.
Leaving all this aside, it’s definitely strongly recommended to update your OS to Windows 10 once and for all.
Google writes in the blog post: “To remediate the Chrome vulnerability (CVE-2019-5786), Google released an update for all Chrome platforms on March 1; this update was pushed through Chrome auto-update. We encourage users to verify that Chrome auto-update has already updated Chrome to 72.0.3626.121 or later.”
After encouraging users to update their OS, Google says that the blog post will be updated when new data is available.