Restart your Google Chrome browser now — or risk losing data to hackers
Hackers are already aware of the glitch and using it in a series of scams, Google has confirmed, a phenomenon known as a zero-day flaw
GETTY
If you’ve been putting off closing your Google Chrome app and restarting the browser to apply the latest update — don’t delay a second longer. The new version of the world’s most popular browser fixes a security flaw that scammers are actively exploiting to wreak havoc for users.
The flaw in the code of the browser can be used to remotely-trigger a crash or unlock access to sensitive user data, experts warn. It’s unclear how hackers are exploiting the flaw to attack Chrome users since Google witholds specific details until the majority of browser users have installed the fix.
This is designed to stop copycat attacks, potentially putting more Chrome users at risk.
Chrome is designed to update automatically, with most security patches downloaded in the background — depending on the permissions granted to the app on Windows or Mac.
If an update is downloaded but not yet installed, you might find a warning at the top of the main menu stating “Relaunch to update”, “Finish update”, or “New Chrome available”.
Google will flag an update that needs to be applied with a series of colour-coded buttons
You’ll need to relaunch Chrome to apply the latest security patches. This will involve closing the app — interrupting any in-progress downloads, messaging, or Incognito Mode windows
Google will save any opened tabs and windows, reopening everything automatically when the updated Chrome browser restarts. However, due to the private nature of Incognito Mode tabs and windows, these will not reopenwhen Chrome restarts.
If you’re unable to close or relaunch Google Chrome at the moment, it’s possible to defer the restart by clicking “Not now”. The next time you restart your browser, the update will be applied.
Given that scammers are actively exploiting the current flaw, it’s wise not to defer the update.
The latest zero-day flaw was unearthed by security researcher Toan (suto) Pham of Qrious Secure, earning them a $1,000 bounty from google in the process. The bug concerns an out-of-bounds memory access weakness in Chrome’s V8 JavaScript engine.
To push users to update as promptly as possible, Chrome displays a colour-coded warning in a bubble beside your profile picture as soon as an important software update becomes available. If the bubble is green, the update is two days old, orange indicates that it’s been four days, and red is designed to flag an update that was released at least a week ago that you still haven’t applied.
LATEST DEVELOPMENTS
If you don’t want to wait for the warnings to appear, you can always manually check for updates to Google Chrome by clicking on the three-dot menu in the top right-hand corner of the browser.
From there, open Settings > About Chrome.
If there’s an update ready to be downloaded and installed, Chrome will automatically start the process from this page. It will be applied next time you close the browser or restart your computer.