The urgent Chrome update you can’t ignore and why you need the update now

Google Chrome isn’t having the best year in 2024. The web browser has been hit with a bunch of vulnerabilities, though Google quickly patched them up.

In the latest twist, Microsoft found another vulnerability in Chrome, which Google admitted is being exploited by hackers.

The search giant rolled out an update to fix it just two days after finding out. So, if you haven’t updated your browser yet, you’ll want to do it now.

Google remains tight-lipped about the vulnerability

Google hasn’t revealed how the vulnerability affects users or how hackers are exploiting it. That’s probably because the company doesn’t want to give threat actors any ideas and also wants to give users enough time to update their Chrome browser.

“Until a majority of users are updated with a fix, we will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on but haven’t yet fixed,” the company said.

Tracked as CVE-2024-7971, Google has described it as a type confusion bug in the V8 JavaScript and WebAssembly engine.

“Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page,” according to a description of the bug in the NIST National Vulnerability Database (NVD).

In simple terms, this vulnerability allows hackers to take control of your Chrome browser on your desktop by tricking it with a fake HTML page. If successful, they could steal your data or install malicious software, all without your knowledge.

The vulnerability was found and reported by the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) Aug. 19.

We contacted Google requesting comment, and a representative confirmed that Google has issued an update to patch this issue.

Update Google Chrome to stay protected

Google has updated the Chrome stable channel to 128.0.6613.84/.85 for Windows and Mac, plus 128.0.6613.84 for Linux. The update should download to your PC automatically, but you are advised to check and restart the browser to ensure it installs. See the steps below to learn how.

How to update Chrome

  • Open Google Chrome on your computer
  • Click on the three dots in the top-right corner
  • Select Help
  • Click About Chrome
  • Chrome will automatically check for updates. If an update is available, it will download and install it.
  • Click Relaunch to complete the update process.

The vulnerability is unlikely to affect mobile devices. Still, you can update Chrome via the Google Play Store (Android) or App Store (iOS) by searching for Chrome and tapping Update if available.

3 additional ways to protect your privacy

While updating Chrome should fix the vulnerability, below are some security tips you can follow to further bolster your privacy and security.

1. Have strong antivirus software: Hackers often gain access to devices by sending infected emails or documents or tricking you into clicking a link that downloads malware. You can avoid all of this by installing strong antivirus software that will detect any potential threat before it can take over your device or router.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.

2. Recognize urgent requests as potential scams: Always be wary if someone is urgently requesting you to do something like send money, provide personal information or click on a link. Chances are it’s a scam.

3. Use strong and unique passwords: Create strong passwords for your accounts and devices, and avoid using the same password for multiple online accounts. Consider using a password manager to securely store and generate complex passwords. It will help you to create unique and difficult-to-crack passwords that a hacker could never guess. Second, it also keeps track of all your passwords in one place and fills passwords in for you when you’re logging into an account so that you never have to remember them yourself.  The fewer passwords you remember, the less likely you will be to reuse them for your accounts. Get more details about my best expert-reviewed Password Managers of 2024 here