It’s more important than usual to update to the latest version of Chrome. Version 88.0.4324.150 of Google’s browser released on Thursday fixes a vulnerability which the search giant says is actively being exploited in the wild. The update is rolling out now across Windows, Mac, and Linux.
Google isn’t providing specific details about the CVE-2021-21148 vulnerability “until a majority of users are updated with a fix.” But ZDNet notes that the date Google says the bug was reported on (January 24th) is just one day before Google’s Threat Analysis Group publicly disclosed a hacking campaign that appeared to be relying, in part, on an unpatched vulnerability in Chrome. It said government-backed hackers based in North Korea had set up a blog to lure their targets to, which would infect their machines even if they were running fully-patched software.
Regardless of the exact bug being patched, it’s more important than usual to ensure you’re running the latest version of Chrome. Although the browser’s update process is basically automatic, you can accelerate things and force an update in the “About Google Chrome” menu.