Over 2 billion people worldwide use Google's Chrome browser. If you're one of them, even if it's not your only browser, you should update it right now to protect yourself against a newly discovered security flaw.
The security flaw was discovered by researchers but hasn't yet been used by miscreants, so far as we know. The security loophole is part of Blink, which drives Chrome's browser engine. If a user with a compromised browser were to visit--or be redirected to--the wrong website, "an attacker could install programs; view, change, or delete data; or create new accounts with full user rights," according to an alert by the Center for Internet Security. Sounds pretty bad.
And this flaw does not only affect Windows computers and laptops. Apple computers are at risk too, as are Linux computers and even Chromebooks. The fact that the attack takes place within the browser means everyone with the desktop version of Chrome is at risk. But, Google says, you don't have to worry about the mobile version of the browser you may have on your smartphone or tablet. That version of Chrome isn't vulnerable.
To fix the problem, Google began rolling out an emergency update to Chrome four days ago, which means you probably have the update available by now. In order for Chrome to update, it must be closed and relaunched. That means, if you're like me and many other users and you leave Chrome open on your computer most of the time so you can easily find your most frequently used websites, you can slip behind in your updates.
How to update Chrome.
So you should probably update right now, which is a simple task in Chrome. (I did it right before I began writing this column and it only took a minute or so.) Go to the three-dot menu at the upper right corner of your browser. Click on Help and then go to About Google Chrome. That will likely start the update downloading, if it hasn't downloaded already. You'll be prompted to relaunch Chrome. Once you do, the update will be complete and you'll be safe from this particular threat.
Once you're relaunched, if you want to be absolutely sure, go back to About Google Chrome. It should tell you that Chrome is up to date, and that it's Version 76.0.3809.132. If you have that number, you're all set. If you think or know that your Chrome browser has been updated within the past couple of days, checking for that Version Number will tell you if you're safe, or if you need to do another update.
Incidentally, the security flaw was discovered as part of Google's bug bounty program. Google offers rewards to developers who identify security flaws, and Luyao Liu and Zhe Jin from the Chinese security company Qihoo 360 received a $5,500 reward for finding it. The idea is to give engineers an incentive to find security flaws before the bad guys do. This time around, that strategy appears to have worked.