Google has released a key Chrome update Ver 88.0.4324.150 fixes a vulnerability which the search giant says is actively being exploited in the wild.
The Chrome 88 update is being rolled out across Windows, Mac, and Linux devices.
Google isn’t providing specific details about the CVE-2021-21148 vulnerability “until a majority of users are updated with a fix.” But its Threat Analysis Group last month disclosed a hacking campaign by state-backed North Korean hackers who allegedly misused an unpatched vulnerability in Chrome.
The company said that access to bug details and links may be kept restricted until a majority of users are updated with a fix.
“We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed,” Google said.
Late last month, Google reported that the government-backed hackers based in North Korea are targeting individual security researchers through a number of means including a “novel social engineering method.”
The hacking group has used multiple platforms to communicate with potential targets, including Twitter, LinkedIn, Telegram, Discord, Keybase and email.
Irrespective of the exact bug being patched, it’s more important than usual to ensure that users get the latest version of Chrome.
The browser’s update process is basically automatic, users can accelerate things and force an update in the “About Google Chrome” menu.