Google Chrome just patched a serious zero-day flaw — update your browser now

and image of the Google Chrome logo on a laptop
(Image credit: Shutterstock)

Chrome users should ensure they’re running the latest version of Google’s browser, as the search giant has released an emergency security update that addresses a zero-day flaw that’s currently being exploited in the wild.

As reported by BleepingComputer, the high-severity vulnerability (tracked as CVE-2022-3723) exists in the V8 Javascript engine that powers Chrome and was first discovered by a security researcher at Avast. Ironically, Google had just finished pushing out a number of security fixes for its browser when it received a vulnerability report from the cybersecurity firm on the same day.

The search giant has been hard at work fixing zero-day vulnerabilities in its browser as six have been discovered so far in this year alone. What makes zero-day vulnerabilities particularly dangerous is the fact that they were previously undiscovered and a patch will need to be written as quickly as possible to fix the issue.

Although Google is being very tight-lipped about this particular zero-day, the company did release a security advisory in which it confirmed that it is aware of reports that an exploit for CVE-2022-3723 exists in the wild and that it could allow hackers to read sensitive app data. We’ll likely hear more regarding this vulnerability once a majority of Chrome users have installed the latest update which patches it.

How to check if Google Chrome is running the latest update

To protect yourself against any attacks leveraging this vulnerability, Chrome users need to be running version 107.0.5303.87 of the browser or later. It’s worth noting that Windows users may see either 107.0.5304.87 or 107.0.5304.88 after following the steps below according to a blog post from Sophos.

To check to make sure you’re running the latest version of Chrome, you first need to click on the three dots menu at the top right of your browser and then click on “Settings”. On the menu at the left hand side of your screen, you’ll see “About Chrome” at the very bottom. Click on it to see what version of Chrome you’re running and the browser will say “Chrome is up to date” if you have the latest version installed. If you’re not, you can download the latest version and it will be installed automatically once you restart your browser.

A screenshot of the update icon in Google Chrome

(Image credit: Google)

Although Chrome updates automatically when you restart your browser, those who leave their computers on for long periods of time may miss out on important updates. Thankfully, Chrome shows a pending update button in the right corner of your browser. This icon will be green if an update was released less than two days ago. However, if it turns orange, that means that an update was released about 4 days ago while a red icon indicates that an update was released at least a week ago.

When it comes to staying safe from cyberattacks and malware, keeping your browser up to date is one of the most important things you can do. For added protection though, you may also want to consider installing one of the best antivirus software solutions on your computer. At the same time, here are three Google Chrome security features to activate now if you want to stay safe online. 

Anthony Spadafora
Senior Editor Security and Networking

Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.