Update Google Chrome to latest version immediately to avoid trio of threats

Google Chrome users need to update their browser to the latest version immediately to protect themselves from three different zero-day vulnerabilities. 

The company is aware of the vulnerabilities and issued a fix for the them in the latest update, 80.0.3987.122. The zero-day vulnerabilities were labeled as “high” in severity and could allow potential hackers to trick people into visiting a fake webpage, which could affect the computer’s entire system. 

One vulnerability, in particular, CVE-2020-6418, was the result of a type confusion in the V8 JavaScript and is reportedly the only zero-day vulnerability that’s being actively used by hackers.

According to Forbes, a zero-day vulnerability is “a security vulnerability that is not known to the product vendor or security researchers but, crucially, is known to threat actors who can then exploit it.”

The vulnerabilities were found by Google’s security team, as well as André Bargull, who received a $5,000 reward for reporting the vulnerability to Google last month. 

Google wants its users to update to the latest Google Chrome version before providing more information about the vulnerabilities to help keep hackers from using these vulnerabilities to their advantage.  

Chrome Smartphone stock image
Deepanker Verma/Pexels

How to update Google Chrome 

Updating your Google Chrome browser to protect you from these vulnerabilities is simple: 

  1. Go to the upper-right corner where there are three dots
  2. Click Help, then click About Chrome 
  3. Google Chrome will automatically check for updates and prompt you to relaunch to a new browser version if your current browser is out of date

Digital Trends reached out to Google to comment on the vulnerabilities. We will update this story when we hear back. 

The last Google Chrome zero-day vulnerabilities occurred in November. The two vulnerabilities, which have since been fixed in browser updates, could have allowed hackers to corrupt or modify the data in the browser’s memory.

Google also recently removed more than 500 extensions from its Chrome Web Store after learning that these extensions injected malicious ads into people’s browsing sessions. The extensions were able to remain in plain sight on the Chrome store, as they were designed to beat Google’s fraud-detection systems.

Editors' Recommendations