Google Chrome users need to update the desktop version of their Web browser as soon as possible, its lead security engineer has warned.
Justin Schuh gave the warning after the Internet giant announced it had uncovered a bug — known as a zero-day exploit — in its software which is actively under attack by hackers.
Google has released an update to address the problem but said it is aware an exploit for the bug “exists in the wild”, meaning hackers could use the bug to attempt to access people’s computers.
Schuh posted a link to Google’s alert on the bug to Twitter, adding: “Seriously update your Chrome installs… like right this minute.”
Schuh added that unlike previous bugs found in Chrome, which have targeted third-party software linked to the browser, this bug “targeted Chrome code directly”.
He said it is worth raising more publicly with users as the fix requires them to take the extra step of manually restarting the browser after the update to nullify the exploit.
FileReader
The exploit relates to a part of the Chrome software called FileReader, which allows Web apps to read the contents of files stored on a user’s computer when allowed to by the user.
Google has not released any further details on the bug, saying: “Access to bug details and links may be kept restricted until a majority of users are updated with a fix.”
This is to prevent copycat hackers from using similar techniques to try and break into people’s accounts.
Chrome is the most commonly used Web browser in the world, with more than two billion active users.
