Skip to main content

Update Google Chrome now to protect yourself from an urgent security bug

Google posted a security update for its Chrome browser that fixes what’s known as a zero-day bug. The problem affects Chrome on Windows, Mac, and Android. The flaw can lead to arbitrary code execution, a serious security vulnerability, so it’s best to download and install the latest version immediately. Zero-day bugs mean that this is a known weakness and, in this case, Google said that the flaw is already being exploited by hackers.

Google did not post a detailed explanation of how the exploit works, but will do so when the majority of people have updated, making the danger of further attacks less severe. The most severe bug is identified as CVE-2022-2294 and the update also patches CVE-2022-2295 and CVE-2022-2296.

Google Chrome app on s8 screen.
Dennizn / Shutterstock

Although details are scarce, the exploit is being used by hackers in the wild, so we recommend updating Chrome immediately. The exploit may allow arbitrary code execution on your desktop, which has the potential to give hackers full access to your PC.

This is the fourth Chrome zero-day bug fixed this year, with previous fixes arriving in February, March, and April, signaling an increase in hacking attempts. It would be best to enable automatic Chrome updates while on the *About Chrome* page to get these problems taken care of as soon as possible.

How to protect yourself

To install the latest version of Google Chrome on Windows or Mac, open the app and click the three vertical dots at the top-right to see more options. In the Help menu, choose About Chrome to see information about the browser. In most cases, Chrome will automatically start the update process so that only a relaunch is required to finish the installation. If an update button appears, click it, then relaunch the app to finish and secure the browser from attacks.

From the About Chrome page, relaunch to update.
Image used with permission by copyright holder

If the latest version is already installed, no update is necessary, and not every computer is affected. The Chrome Stable channel on Windows and Extended Channel on both Windows and Mac require the update. By default, Chrome is on the Stable channel, which is best for most users and is least likely to have problems.

Editors' Recommendations

Alan Truly
Computing Writer
Alan is a Computing Writer living in Nova Scotia, Canada. A tech-enthusiast since his youth, Alan stays current on what is…
This Google Chrome feature may save you from malware
Google Chrome app on s8 screen.

There are probably hundreds of thousands of Google Chrome extensions out there, and with so many options to choose from, it can be hard to know whether the plugin you want to install is hiding malware nasties.

That could become a thing of the past, though, as Google is testing a feature that will warn you if an extension you installed has been removed from its Chrome Web Store.

Read more
Chrome has a security problem — here’s how Google is fixing it
Google Chrome icon in mac dock.

Google is looking to get ahead of high-severity vulnerabilities on its Chrome browser by shortening the time between security updates.

The brand hopes that more frequent updates will give bad actors less time to access and exploit n-day and zero-day flaws found within Chrome browser code.

Read more
Vital security update for Apple devices takes only a few minutes to install
iPhone 14 Pro Max in hand.

UPDATE: Just hours after rolling out the security update, Apple has pulled it after users began experiencing compatibility issues with Safari for sites such as Instagram and Facebook. If you've already installed the update, you can downgrade on iPhone and iPad by going to Settings, then General. Select About and then OS version. Finally, tap Remove Security Response.

For Mac, select the Apple logo top left and then System Settings. Next, select General, and then About. Under macOS, select the "i" (information) button located beside the OS version. Where it says Last Security Response, select the Remove & Restart button, and then Remove Response and Restart in the prompt.

Read more