Uncovered last Friday close by the arrival of a crisis fix, the weakness requires a fix that ought to be presently accessible to most clients of Chrome and other Chromium programs (like Edge). Since this flaw is being used in the wild, you should update Chrome right away.
You should see a small notification in the upper right corner of your Chrome window (as well as for Edge users) if the update has already been applied to your version of Chrome.
New Update on Chrome
If you are not yet up to date, Chrome should begin downloading the patch as soon as you open the About Google Chrome screen. To apply the patch, click the button and restart the browser. After that, you should be brought up to date to version 112.0.5615.121.
When we checked one of our computers with Chrome installed, the version number was still 112.0.5615.86, indicating that the patch had not yet been applied. For Edge clients, a similar interaction applies, however, the last rendition number will be 112.0.1722.48.
This exploit depends on a kind of disarray bug in Chrome’s V8 JavaScript motor, which we’ve found in the wild previously. The most recent one is the first of 2023. It affects Windows, Linux, and macOS, as Clément Lecigne of Google’s Threat Analysis Group reported on Tuesday.
However, as is typical when a high-severity flaw is first discovered, the specifics of how the attackers have been manipulating this flaw have not yet been revealed. When an explanation is delayed, the affected have time to implement the fix, which you now know to do.
