Google has recently released a critical security update for its widely used Chrome browser, which boasts a user base of around 3 billion people. The update, version 119.0.6045.199/.200, aims to address a zero-day vulnerability that is currently being exploited worldwide. This vulnerability affects all browsers based on the Chromium engine.
The security loophole, originating from Skia, Chrome's open source 2D graphics library, enables attackers to execute remote code. This exploit is typically carried out by tricking unsuspecting users into visiting a malicious website. Once successful, the attacker gains control over the software and can perform various actions on behalf of the user without their knowledge.
Microsoft Edge: Also at risk
Another browser at high risk due to its reliance on the Google engine is Microsoft's Edge. If you have already set up automatic updates for Chrome, you may not need to take any further action. However, for all other users, it is crucial to manually update to the latest version via the settings menu to prevent exposing your system to potential threats.
Google notes that the fix will be rolled out gradually "over the coming days and weeks," meaning it may not be immediately available to everyone at the time of writing.
To update your Chrome browser, follow these steps:
- Click on the menu button (three dots)
- Select "Settings"
- Click on "About Chrome" (on the left side of the screen)
To update your Edge browser, follow these steps:
- Click on the menu button (three dots)
- Select "Help"
- Then click on "About Microsoft Edge"