Chrome and Firefox fix big security bugs — how to update now

The Google Chrome and Mozilla Firefox logos against a teal-blue background.
(Image credit: Google/Mozilla Foundation)

Google and Mozilla each upgraded their Chrome and Firefox browsers this week, squashing a number of security issues. Make sure your browsers are up to date.

Several of the flaws allow remote code execution — i.e., hacking — by malicious websites, although the details are being kept under wraps so that actual crooks and spies don't use them until most users have patched their browsers.

The best antivirus software for Windows and for Mac will stop malware from being installed via web browsers, but you can't be too careful. 

Chrome's update to version 85.0.4183.121 on the desktop fixes 10 security flaws, five of which were categorized as "high" severity, according to the official Chrome blog (opens in new tab)

Three of those permit remote hacking by a specially designed malicious website, according to the Common Vulnerabilities and Exposures Database (opens in new tab); the other two make Chrome vulnerable to malicious browser extensions.

How to update Chrome

Your desktop Google Chrome browser will generally update itself in Windows, Mac and Linux as long as you periodically close and relaunch the browser. Updates to version 85.0.4183.121 will be rolled out to all users "over the coming/days weeks," the Chrome blog said. 

To force a Google Chrome browser update, click the three vertical dots at the top right of your Chrome browser window, scroll down to help, and then select About Google Chrome in the fly-out menu that appears. 

A new tab will open that will check to see if you're on the latest version, and update you if you're not. (Some Linux distributions will instead push out updates through their normal software-update channels).

Firefox security flaws

Firefox 81.0 (opens in new tab), released yesterday (Sept. 22), patches six security flaws (opens in new tab) and applies to Android as well as the desktop OS's. Three of them are described as having "high" potential impact, all of which involve memory corruption, one of the primary reasons vulnerabilities happen in any form of software.

"We presume that with enough effort some of these could have been exploited to run arbitrary code," Mozilla wrote in its security advisory.

Firefox 81 also adds some new usability features, such as the ability to pause and play audio and video from a keyboard or headphones, save and auto-fill credit-card numbers and fill in PDF forms. It also adds a pink-and-purple "Alpenglow" theme. 

How to update Firefox

Like Chrome, Firefox should automatically update itself when you launch the browser. 

To force a manual update, go to the three stacked lines at the top right of the desktop browser window, then scroll down to and select Help at the bottom of the menu. Select "About Firefox" in the fly-out menu, and a pop-up window will appear that checks to see whether your installation of Firefox is up-to-date.

You can also download full builds of Firefox 81 for all supported desktop platforms from the Firefox FTP website (opens in new tab).

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.