Google Chrome is the American tech giant’s internet client that is used across the globe.
In fact, Google Chrome is considered to be the most popular internet browser on both desktop and mobile, meaning it surpasses the likes of Safari, Microsoft Edge and Mozilla Firefox in terms of monthly users.
Google released a new update for Chrome on Friday, March 1, that appeared to be an incremental upgrade for the software.
However, Justin Schuh, Google Chrome’s security lead, has since revealed the upgrade fixed a zero-day for the software.
A zero-day is a term used to describe a computer software vulnerability that is unknown to the party that would be concerned with remedying it.
Since Schuh’s tweet discussing the new update, he has since emphasised all Chrome users should update the software to avoid suffering from the vulnerability.
He said: “Seriously, update your Chrome installs…like right this minute.”
ZDNet has insisted the security compromise has been exploited and was under “active attacks” at the time the patch released.
Moreover, the outlet also said Google described the zero-day as being caused by a “memory management error” in Chrome’s FileReader.
A FileReader is a web API used by web browsers that allows online programmes read files stored on a user computer.
The security compromise was described as a “Use-After-Free”, which essentially changes how online applications read a computer’s memory for malicious purposes.
In such an instance, it is possible malware could be installed on user computers.
Google has described the security issue as being “high” in severity.
It is advised Chrome users update their browser to its latest version, 72.0.3626.121, as soon as possible.
If you are running Chrome on Windows, Mac or Linux and have not automatically received the update, you can download it manually by typing chrome://settings/help into the programme’s URL.
After the new update has been installed, Chrome users will be prompted to restart the software.