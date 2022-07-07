Image : VideoBCN ( Shutterstock )

If you use Google Chrome on Windows or on Android, you should update as soon as possible. There is a new browser update for each platform that includes patches for newly discovered security vulnerabilities. The bad news: One of these security flaws has a known exploit, which means your browser and data are at risk unless you update now.

Google confirmed these updates on its Chrome Release blog for Windows Y Android. Windows users will need to update to version 103.0.5060.114, while Android users will see version 103.0.5060.71. The company says that these updates fix four security vulnerabilities in Chrome for Windows and three vulnerabilities in Chrome for Android. Interestingly, however, Google omitted one of the vulnerabilities from its list:

[Valor a determinar][ 1341043 ] High CVE-2022-2294: WebRTC heap buffer overflow. Reported by Jan Vojtesek of the Avast Threat Intelligence Team on 07/01/2022

] High CVE-2022-2294: WebRTC heap buffer overflow. Reported by Jan Vojtesek of the Avast Threat Intelligence Team on 07/01/2022 [$7.500][ 1336869 ] High CVE-2022-2295: Type confusion in V8. Reported by avaue and Buff3tts on SSL on 06/16/2022

] High CVE-2022-2295: Type confusion in V8. Reported by avaue and Buff3tts on SSL on 06/16/2022 [$3.000][ 1327087 ] High CVE-2022-2296: Use after free in Chrome OS Shell. Reported by Khalil Zhani on 05/19/2022 (Desktop only)

While it is important to protect yourself from all possible security bugs, the first of these three is actually the most concerning, as Google confirmed in its update log that there is a known exploit for CVE-2022-2294. When there is an exploit for a security vulnerability, it means that at least someone knows how to take advantage of the bug, if they haven’t already. That’s dangerous, as billions of Chrome users on Windows and Android will likely be at risk until the bug is fixed and their devices are updated.

CVE-2022-2294 is a buffer overflow vulnerability. Occurs when a program attempts to write more data to a memory location than that location can accept, causing it to overflow into another space. These vulnerabilities are not uncommon, but when they are discovered, they can be exploited by malicious hackers. If Chrome isn’t fully up to date on your PC or Android device, you’re at risk.

G/O Media may get a commission UNDER $1 99¢ Prime Video Channels Prime content

Add Showtime, Starz, Paramount+, Discovery, and more to your Prime Video account for less than $1 each for the first two months of your subscription.

While Google is not publicly aware of exploits for other vulnerabilities at this time, it is likely that such vulnerabilities will be discovered over time. The longer you wait to update, the more vulnerabilities there are to deal with.

For some reason, these security flaws don’t seem to affect Mac or iOS users. So you won’t see a new Chrome update on these platforms just yet.

How to update Google Chrome on Windows and Android

To protect your browser and your data, update Chrome now. To do this on Windows, click the three dots in the top right corner of the browser window, then select Help > About Google Chrome. Allow Chrome to check for a new update. If one is available, select “Reset” to install the update on your browser.

To update the app on Android, go to the Google Play Store. Search for Google Chrome, then click “Update” next to the app. If you have automatic updates enabled, the app can update itself: if you only see an “Open” option, you’re good to go. [How-To Geek]