Google releases important update to address major security threats

Google Chrome users have been alerted to check for an update in their browser following the discovery of three "high level" threats. One of these threats was identified as Google's fifth zero-day vulnerability patch this year, which means it was a threat that previously had no defences against hackers. In total, Google deployed 10 security fixes in the new update.

Exploit discovered by hackers before Google's security teams

A concerning aspect of these threats is that hackers discovered one of them, known as CVE-2023-5217, before Google's security teams did. This vulnerability allowed hackers to have arbitrary code execution capabilities, meaning they could run commands of their choice on any device they gained access to via a vulnerability.

Notable researcher uncovers the bug

The bug that was reported at the beginning of the week was discovered by Clément Lecigne, a researcher from Google's Threat Analysis Group (TAG). TAG researchers are renowned for their expertise in identifying vulnerabilities in targeted spyware used by government-sponsored cyber gangs.

Risks to passwords and extensions

The other two "high level" threats were identified as use-after-free flaws that could potentially jeopardize users' passwords and extensions. It is crucial for Google Chrome users to update their browser promptly to ensure their online security.

Update may take time to reach all users

According to an advisory notice issued by Google, it may take several days or even weeks for the updated browser to reach all 3.2 billion Chrome users. While most users have their Chrome updates set to install automatically, those who have intentionally switched off this setting should keep an eye out for the update. The update is titled "Google Chrome 117.0.5938.132."