After Apple released a series of security patches to patch a critical WebKit vulnerability in Safari on the Mac, Google has released an emergency security update for its own Chrome browser to fix a vulnerability that has been exploited in the wild.
Google has labeled the vulnerability as high risk and is urging all users to update to version v112.0.5615.121. The update, which arrived on April 14, includes two security fixes, one of which is revealed to be a typing confusion bug in V8 discovered on April 11 by Google’s Threat Analysis Group. Google says it is aware that the vulnerability has been exploited in the wild but declined to provide specific details.
As usual, Google is restricting access to specific information about the bug until “a majority of users have been updated with a fix.” The second flaw is not disclosed, but Google reports that “ongoing internal security work was responsible for a wide range of fixes.”
This is the first 2023 patch that fixes a zero-day. In 2022, Google pushed nine emergency Chrome updates to fix Chrome zero-day bugs and had already released three by mid-April.
To update Chrome, click the Chrome menu then About Chrome. Check the version number to see if it has been updated to v112.0.5615.121. If not, click Download and Install and follow the prompts.