Attention Chrome users: It's time to update your browser. Google released an update for its Chrome browser on Windows, Mac, and Linux on Wednesday, and while the Update button in the corner of the browser window is easy to miss, you really shouldn't.
Chrome 125 contains patches for nine security vulnerabilities. While all security flaws need to be fixed as soon as possible, one is of particular concern: tracked as CVE-2024-4947, a "type confusion in V8" that occurs when a piece of vulnerable code does not verify that it is The object passed to. In other words, bad functions end up attached to bad code, which bad actors can exploit to run their own code on your device.
While this type of flaw is bad enough, it doesn't necessarily have to be singled out like this. What makes CVE-2024-4947 so annoying is that it is a zero-day vulnerability, a flaw that is actively exploited in the wild. This means that a bad actor somewhere not only knows about the vulnerability, but also exploits it to break into something . Tech companies like Google rarely give us more information than zero-day related, but when you see a flaw like this it should send off a warning sign in your mind to update your stuff as soon as possible.
To make matters worse, this is the third zero-day vulnerability affecting Chrome discovered by Google this month. On May 9, Google released an update to the desktop Chrome application to patch CVE-2024-4671, a use-after-free vulnerability in which the program does not clear the pointer to memory after use. Then, on May 13, Google released a follow-up update to patch CVE-2024-4761, an out-of-bounds write vulnerability that could allow bad actors to access data they shouldn't.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added all three flaws to its catalog of known exploitable vulnerabilities. Federal agencies have until June 10 to update their Chrome browsers, which is plenty of time. If I were you I would update immediately.
How to update Google Chrome
To update Google Chrome, click on the Update button if it is preset. If not, click the three dots in the upper right corner of the window and go to Help > About Google Chrome . Let Chrome check for updates, then follow the on-screen instructions to download and install it after it's scheduled to update.
