Google has warned owners of Windows and Mac computers have been told to urgently update their Chrome internet browser, after learning that hackers may have exploiting a mystery bug that has existed since its launch.
Justin Schuh, Chrome’s security engineer chief warned users to update Chrome “like right this minute” on Twitter, declaring it a “#PSA [Public Service Announcement]”.
The company shared a blog post in which it said an update that should fix the vulnerability, which it described as “high” in severity, had already been issued. It is up to users to update their browser.
It said that the flaw was a “Use-After-Free”, which is a type of flaw that corrupts how a web app accesses a computer’s memory and can be used to install malicious software on a computer, causing it to crash or behave strangely.
Those who are concerned can check their device is running the updated version of Google Chrome by opening a window and clicking on the three vertical dots in the right-hand corner. Clicking “help”, followed by “about Google Chrome” in the drop down menu will lead to a page that will assist with updating. The bug was discovered by Clement Lecigne of Google’s Threat Analysis Group on February 27, Google said.
Microsoft’s security chief raised eyebrows last month when he asked Windows PC owners to stop using Internet Explorer unless there was no other option. He claimed this was because it is no longer being updated – and therefore no longer being secured – by the company. Internet Explorer has issued a number of patches for “Use-After-Free” bugs in the past.
Security researchers have for years been picking holes in Google and Microsoft’s apps, often in return for high sums of money as part of a “bug bounty”. Last year Facebook said it had paid one individual $50,000 for finding glitches in the social network’s code.