It is more important than usual to update to the latest version of Chrome. Version 88.0.4324.150 of Google’s browser released Thursday fixes a vulnerability that the search giant says is actively exploited in the wild. The update is now being rolled out for Windows, Mac and Linux.
Google does not provide specific details about the CVE-2021-21148 vulnerability “until a majority of users are updated with a fix.” But ZDNet notes that the date Google says the bug was reported (Jan. 24) is just one day before Google’s Threat Analysis Group released a hacking campaign that appeared to be based in part on an unpatched vulnerability in Chrome. It said government-backed hackers in North Korea had set up a blog to lure their targets, who would infect their machines even if they were using fully patched software.
Regardless of the exact bug being patched, it’s more important than usual to make sure you’re running the latest version of Chrome. While the browser update process is basically automatic, you can speed things up and force an update in the “About Google Chrome” menu.