Google is rolling out new security fixes for users of its popular web browser, addressing seven security fixes, one of which is serious enough to warrant an emergency patch.
Both desktop and mobile users are treated to an updated version of Chrome, along with a warning from Google that at least one of the bugs addressed is being abused by attackers in the wild.
Tracked as CVE-2023-6345, the high-risk flaw is described as an integer overflow bug in Skia, a graphics library used by Chrome. The web giant credits Benoît Sevens and Clément Lecigne, both working at Google as threat analysts.
“Google is aware that an exploit for CVE-2023-6345 exists in the wild,” according to the advisory.
The weakness is patched in Chrome 119.0.6045.199 for Mac and Linux and Chrome 119.0.6045.199/.200 for Windows.
Android releases typically contain the same security fixes as their corresponding desktop release, meaning the issue also affects mobile users. Android users will want to update to Chrome 119 (119.0.6045.193) to apply the patch.
While the Skia bug is the only zero-day vulnerability fixed in this release, the others addressed this week are all rated high-risk, making it even more important to update as soon as you get a chance.
Apple users are unaffected, as is typically the case with the iOS version of the popular Chrome browser.
For more peace of mind, consider using a dedicated security solution on both your computer and your phone at all times.