Update Strongly Encouraged
Google‘s Threat Analysis team has discovered two Zero-day vulnerabilities last week affecting the Chrome browser. They have now issued an update fix with the latest version 72.0.3626.121.
Normally, some users have auto-update enabled. However, in case you are unsure, simply go to Settings > About Chrome then see if it the version number 72.0.3626.121 matches.
How is this Security Threat Different from Previous Exploits?
Google was quick to issue an update due to the way these exploits work. Instead of attacking a plugin, these vulnerabilities apparently target the Chrome code directly.
https://twitter.com/justinschuh/status/1103763266445037568If it is just a plugin, Chrome is actually smart enough that it could silently update the plugin behind the scenes without any user intervention. Since this is a zero-day exploit, users have to manually close the program and restart. Even if the software update is installed.
So far, this issue seems to be only affecting Windows 7 users. This issue so far does not seem to involve Windows 8.1 or Windows 10 OSes. However, precaution is necessary and updating to the latest browser version is safer.
