Update now! Google Chrome flaw could leave you vulnerable to remote hackers

google chrome on laptop
(Image credit: Nathana Rebouças on Unsplash)

Make sure your Google Chrome browser is updated as soon as possible to avoid potential malicious attacks by remote hackers. On November 24, Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group discovered an integer overflow bug (called CVE-2023-6345) in Skia, the graphics engine for Google Chrome and ChromeOS (via Android Central). 

According to the National Vulnerability Database, this integer overflow bug "allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file." In simple terms, this bug could allow hackers to execute a virus on your laptop via Chrome or access your sensitive in-browser data. 

The bug has a Chromium security severity of high, and in Google's recent release notes, the company notes that it's "aware that an exploit of CVE-2023-6345 exists in the wild." Automatic updates will roll out to Mac, Linux, and Windows users "over the coming days/weeks," but many people are able to update to the new browser version now.

Here's how to check your Chrome browser's version number, as well as how to manually check for updates if you don't have the most recent update yet.

How to update your Google Chrome Browser

If you don't have Google Chrome set to automatically update, you'll need to manually check for updates to get the patch for this integer overflow bug. For Mac and Linux users, the stable channel will be updated to 119.0.6045.199, and for Windows users, it'll be updated to 119.0.6045.199/.200. 

To see your Chrome browser's current version number, click on the three vertical dots in the top right corner of your open browser window. Select Settings from the dropdown menu, and then scroll all the way down to find About Chrome in the left-side menu.

about chrome setting

(Image credit: Future)

Underneath the Google Chrome header, you'll see Version followed by a string of numbers. Compare the numbers you see to the ones above specific to your computer's operating system. 

Above my current version number, there's a message that reads "Nearly up to date! Relaunch Chrome to finish updating." If you see this message, it means your browser has automatically been updated with the most recent patch, and you just need to restart the browser to complete the process. Any tabs you currently have open will reopen once your browser restarts.

current version number chrome

(Image credit: Future)

If your version number isn't up to date, it's possible the patch might not have reached you yet. Once there's an update to install, it'll either be automatically installed if you have auto-updates enabled, or you'll see a button that reads Update Google Chrome.

This is Chrome's sixth zero-day vulnerability this year, but it looks like Google is acting quickly and rolling out a patch before any major harm can be done. Plus, a month ago, Google boosted its privacy game with a tool that can hide your IP address. It might not be as privacy-focused as FireFox or DuckDuckGo yet, but it's a step in the right direction.

Category
Arrow
Arrow
Back to Apple MacBook Pro
Brand
Arrow
Processor
Arrow
RAM
Arrow
Storage Size
Arrow
Screen Size
Arrow
Colour
Arrow
Screen Type
Arrow
Storage Type
Arrow
Condition
Arrow
Price
Arrow
Any Price
Showing 10 of 489 deals
Filters
Arrow
Load more deals