Millions of internet users are at risk of being hacked after three security holes were located in Google’s Chrome browser.
Google has released an urgent update, although users could have already been had sensitive data accessed as one of the holes patched was a “zero-day” –a bug being exploited by cybercriminals before Google tracked it down and fixed it.
The tech giant has offered little information around the “high” security risk, with fears providing information could lead to more attacks before people update the browser.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” the company explained.
“We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on but haven’t yet fixed.
“Two of the security holes were discovered by Google’s in-house Project Zero and Threat Analysis teams, while the third was discovered by third-party researcher who was awarded $A7600 under the tech giant’s big bounty program.
Google Chrome should automatically check for updates and prompt you to relaunch to a new browser version if your current browser is out of date.
However, you can update the browser by going to the three-dot menu in the top right corner of Chrome > Help > About Google Chrome. The last Google Chrome zero-day vulnerabilities occurred in November and was fixed in browser updates.
Google also recently removed more than 500 extensions from its Chrome Web Store after learning they injected malicious ads into browsing sessions.
Story: Nine News