Manually patch now or wait for an update to roll out in the coming weeks, the choice is yours
Following the release of version 100 of its browser, Google has released a new update for Chrome to fix a high-severity zero-day vulnerability that is being actively exploited in the wild.
According to a new security advisory put out by the search giant, the company is aware that an exploit exists for this high-severity vulnerability tracked as CVE-2022-1364.
The vulnerability was discovered by Clément Lecigne from Google’s Threat Analysis Group who immediately reported it to the Google Chrome team. Although Google has observed this zero-day actively being exploited in the wild, the company has been tight lipped regarding any attacks. In its security advisory, it said that details about the bug and links will be “kept restricted until a majority of users are updated with a fix”.
Manually updating Chrome is your bet bet
Google Chrome 100.0.4896.127 for Windows, Mac and Linux will roll out in the next few weeks as an update.
However, due to the high-severity of this vulnerability, security-conscious users can update Chrome immediately by going into the Chrome menu, heading to Help and clicking on About Google Chrome. Here, they’ll be able to manually install the update themselves as opposed to waiting for Google to roll it out.
For those that would rather wait though, Chrome will automatically check for new updates and install them the next time you close and relaunch the browser.
This is the third zero-day vulnerability that has been discovered and patched in Chrome this year.