Share

• Copy link
• Facebook
• X
• Reddit
• Email

Share this article

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the Tom's Guide Newsletter

Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!

Become a Member in Seconds

Unlock instant access to exclusive member features.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Daily (Mon-Sun)

Tom's Guide Daily

Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.

Signup +

Weekly on Thursday

Tom's AI Guide

Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!

Signup +

Weekly on Friday

Tom's iGuide

Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.

Signup +

Weekly on Monday

Tom's Streaming Guide

Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.

Signup +

---

Join the club

Get full access to premium articles, exclusive features and a growing list of member rewards.

Explore

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

Google has released a new emergency security update for Chrome to address a high severity zero-day vulnerability that’s currently being exploited by hackers.

As reported by BleepingComputer, the zero-day in question (tracked as CVE-2023-6345) has now been patched in Chrome version 119.0.6045.199/.200 for Windows and version 119.0.6045.199 for Mac and Linux.

In an advisory sent out alongside the emergency security update, the Chrome team explained that it also contains fixes for 6 other security flaws, all of which are high-severity vulnerabilities. With this latest security update for its browser, Google has now patched a total of six zero-day vulnerabilities in this year alone that hackers managed to develop exploits for.

If you haven’t updated Chrome lately, you’re going to want to install this emergency security update as soon as possible since there is a chance — though relatively small — that the zero-day flaw it patches could be used by hackers in their attacks. Even then, you always want to keep your browser up to date as cybercriminals often target users that are running outdated software.

Reader Offer: Save 68% on Aura identity theft protection
Aura provides everything you need to protect your identity, data and devices online with malware protection, a password manager and a VPN all included. Tom's Guide readers can save up to 68% when they sign up.

Preferred partner (What does this mean?)

View Deal

Exploited by hackers but details are scarce

Like with other recent zero-day flaws, Google isn’t saying much as to how hackers are currently exploiting this one in the wild. This is pretty standard though and Apple does the exact same thing with iPhone and Mac zero-days.

The reasoning behind this is pretty simple. If Apple or Google in this case says too much about how hackers are using a zero-day in their attacks, other cybercriminals could follow suit and develop their own exploits. By keeping the details scarce for the time being, Google and other tech giants are giving their users more than enough time to download and install the latest security updates.

The most recent high-severity zero-day flaw in Chrome is an integer overflow bug in the open source, 2D graphics library Skia. Besides Chrome though, it’s also used in other products including ChromeOS on the best Chromebooks, Android and Flutter.

As this flaw was discovered by two security researchers from Google’s Threat Analysis Group (TAG), BleepingComputer believes that hackers could be exploiting it in spyware attacks. However, since these kinds of zero-day flaws are often used by state-sponsored hackers targeting high-profile individuals like journalists and politicians, most people won’t likely need to worry about falling victim to an attack.

Still though, keeping your browser up to date is one of the most important and the easiest way to stay safe from hackers.

How to stay safe from attacks exploiting zero-day flaws

Like I mentioned before, installing the latest security updates and patches as soon as they become available is the easiest way to ensure you won’t get caught up in a cyberattack that’s exploiting a recently discovered zero-day flaw.

Although you can manually check for updates by clicking on the three-dot menu, opening Settings and then going to About Chrome, Google also uses a color-coded warning system to let you know when new updates or patches are available. When this happens, you’ll see a bubble next to your profile picture in Chrome. The bubble turns green for a 2-day old update, orange for a 4-day old update and red when an update was released at least a week ago.

Besides keeping your browser up to date, you should also be using the best antivirus software on your Windows PC, the best Mac antivirus software on your Apple computer and one of the best Android antivirus apps on your Android smartphone. This way, you can ensure you’re protected from malware and other viruses.

Zero-day flaws in popular software are more common than you think but in this case, if you keep your browser up to date, you should be fine. It’s just a matter of taking the time to install any new updates that appear instead of putting them off. Fortunately, Chrome updates quickly and reopens all of your current tabs after a restart, so you can pick up right where you left off.

More from Tom's Guide

• Hackers are now spreading Mac malware via fake browser updates
• Google Drive users left in shock after months of files go missing 
• Healthcare data breach leaks names, SSNs and more of 9 million patients