Published on December 1st, 2023
Here Are 5 Takeaways: Chrome Update For PC
- Critical Zero-Day Vulnerability Patched
- Active Exploit in the Wild
- Cross-Platform Update
- Limited Bug Details Access
- Manual Update Instructions Provided
The article discusses a critical update for Google Chrome, the world’s most popular web browser, addressing a zero-day vulnerability designated CVE-2023-6345.
The update, identified as Chrome version 119.0.6045.199 for Mac and Linux, and version 119.0.6045.200 for Windows, includes a patch for this specific flaw.
For Android users, the update is available as version 119.0.6045.193.
The zero-day vulnerability is associated with an “integer overflow” issue in the open-source Skia graphics library.
The article emphasizes that Google is aware of an existing exploit for this vulnerability in the wild.
To mitigate the risk, users are strongly advised to update Chrome on both their computers and phones promptly.
Google mentions on the Chrome release blog that access to specific bug details may be restricted until a majority of users have updated with the fix.
This is a common practice to prevent potential misuse of the vulnerability by malicious actors.
The company also notes that restrictions may be retained if the bug is present in third-party libraries that other projects depend on but haven’t been fixed yet.
The article provides guidance on how to update Chrome on different platforms.
While Chrome typically updates automatically upon restarting the application, users can manually check for updates on their PCs through the ellipsis menu by clicking “Help” and then “About Google Chrome.”
Android users can check for updates via the Play Store.
The urgency of updating is emphasized, as zero-day flaws are often targeted by state-backed actors for malicious purposes, making timely updates crucial for enhancing security.