Update your Chrome browser now! There have been three serious security issues in less than a week.
Updates for your computer, phone, and other devices are important. They can add new features, but more importantly, they fix security problems.
For example, the latest update for Google Chrome, Chrome 125, fixes nine security issues.
To update Chrome, open the browser and click the Update button or click the three-dot menu on the top right, go to Help, then About Google Chrome to check for updates.
One of these security issues is the third serious (“zero-day”) vulnerability found in Chrome in just the past month.
Chrome has had a tough month with security. With over 2 billion users worldwide, these issues could affect a lot of people.
Zero-day vulnerabilities are very serious because they are current exploits being used by bad people to attack victims.
On May 15, Google warned about an exploit for CVE-2024-4947. This flaw, known as a “Type Confusion in V8,” lets a remote attacker use an error to run their own code via an HTML page, which can destabilize the browser or system.
This exploit follows two others this month. On May 9, Google fixed CVE-2024-4671, an exploit that let attackers run a code where pointers to empty memory were not deleted, leaving them open to abuse. Then on May 13, Google released an update for CVE-2024-4761, which let bad people attack a system through harmful HTML pages via a vulnerability affecting Chrome’s V8 Javascript engine.
All three of these vulnerabilities are on the U.S. Cybersecurity & Infrastructure Security Agency’s (CISA) list of Known Exploited Vulnerabilities. The U.S. has told federal agencies to update their Chrome browsers by June 10 because of these security flaws.
Three zero-day vulnerabilities in a 6 day period is a big concern, so make sure to update Google Chrome and keep an eye out for any other vulnerabilities and updates to deal with them in the near future.