What is the "zero-day" vulnerability in Google Chrome?

A zero-day vulnerability is a security flaw unknown to the software vendor, allowing attackers to exploit it before a patch is available. One such high-risk flaw is actively being exploited in the latest Chrome update.

How do I update Google Chrome to fix the zero-day?

Chrome usually updates automatically. You can manually check by going to 'Help' > 'About Google Chrome' to initiate the update to the latest secure version.

Are other browsers like Microsoft Edge affected by the Chrome zero-day?

Other Chromium-based browsers, including Microsoft Edge and Brave, have updated to Chromium 143, aligning with Chrome's security level. Opera and Vivaldi are also addressing these vulnerabilities.

Home / Technology / Urgent Chrome Patch: Critical Zero-Day Exploited

Urgent Chrome Patch: Critical Zero-Day Exploited

11 Dec

•

Summary

Google Chrome fixes three vulnerabilities, one being a zero-day.
The zero-day vulnerability is actively exploited in the wild.
Other Chromium browsers like Edge and Brave have updated.

Urgent Chrome Patch: Critical Zero-Day Exploited

Google has released new versions of Chrome, specifically 143.0.7499.109 for Windows and macOS and 143.0.7499.109 for Linux, to address three critical vulnerabilities. One of these is a zero-day flaw actively exploited by attackers, prompting an expedited release by Google. Details remain scarce, with only a "High: Under coordination" note provided, lacking a CVE number or specific component information, though more details are anticipated soon.

These security fixes are now available through Chrome's automatic update mechanism. Users can also manually check for updates by navigating to "Help" > "About Google Chrome." The same vulnerabilities have been resolved in Chrome for Android (143.0.7499.1092) and iOS (143.0.7499.108). The Extended Stable Channel for desktop users now includes Chromium version 142.0.7499.235.

Manufacturers of other Chromium-based browsers are urged to implement similar updates promptly. Microsoft Edge and Brave have already transitioned to Chromium 143. Vivaldi has released an update incorporating Chromium 142.0.7444.237, which should address known security gaps in that version. Opera's latest version, based on Chromium 141, may require backported patches if the zero-day affects its foundational version.