Google Chrome Zero-Day Flaw under Attack - What to Do Now

Google has updated Chrome to fix 14 security flaws, including a "zero-day" flaw that has been exploited by unknown hackers.

To verify that your desktop version of Chrome for Windows or Mac has been updated to version 91.0.4472.101, click on the three vertical dots in the upper right corner of your browser window, scroll down to "Help" and, from the menu, click "About Google Chrome."

A new tab will open. If the browser displays that it is up-to-date, you are done. If not, a newer version will automatically be downloaded and you will then need to restart your browser. (Linux users may need to wait for the next update of their distribution.)

This zero-day, cataloged as CVE-2021-30551, is related to a flaw in Windows, also a zero-day, that Google researchers discovered last week and Microsoft patched yesterday (June 8). This is according to Shane Huntley, director of Google's threat analysis group.

The Chrome zero-day was categorized in a Chrome Releases blog post today as being due to a "type confusion in V8."

V8 is the open source JavaScript rendering engine used by Chrome, Brave, Microsoft Edge, Opera, Vivaldi, and other browsers based on the Chromium project.

As of this writing Wednesday evening (EST), the Chrome flaw has not been patched in any of these four browsers, but we will show you how to check at the end of this article.

It is not clear how technically similar the Chrome and Microsoft zero-days are. The Microsoft one affects HTML parsing used by Internet Explorer and other legacy software, but this software is only used by Chromium-based Edge when in "Internet Explorer mode."

Bleeping Computer notes that this is the sixth zero-day flaw in Chrome patched in 2021; the two patched by Google in April were discovered by Kaspersky and patched by Microsoft yesterday (June 8). They were used in conjunction with the Microsoft flaws.

All of these zero-day flaws appear to be used in sophisticated nation-state attacks against specific targets, possibly for espionage purposes. However, as the details of the flaws become clearer, criminals may begin to use the flaws for more indiscriminate attacks against a wider range of targets.

The security risk from today's Chrome zero-day is rated "high." However, there is another fix for a flaw rated "Critical" related to "use after free of BFCache," a vulnerability that exists in the way Chrome keeps recently viewed web pages in the computer's running memory.

A list of the latest Chrome/Chromium updates can be found here.

Of the other Chromium browsers, Brave uses Chrome's version number, making it easy to check if it is up-to-date.

In Edge, you must type "edge://version" in the address bar and press Enter or Return. Edge and Brave can be updated in the same way as Chrome.

For Opera and Vivaldi, click the browser icon in the upper left corner, then click Help > About. Under "User Agent" or "Browser Identification," you will see the corresponding Chrome version number.

In Opera, if an update is available on this page, it will start updating; in Vivaldi, click Help > Check for Updates.
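
As an added example (not part of the original article), this Python sketch automates the check described above: it reads the Chrome token from a browser's User-Agent string and compares it with the fixed version named in this article. The User-Agent strings are constructed samples and the function names are illustrative.

```python
import re

# Fixed Chrome version named in the article.
FIXED = (91, 0, 4472, 101)

# Chromium-based browsers all carry a "Chrome/a.b.c.d" token; Edge and Opera
# append their own product token (Edg/, OPR/), which must NOT be compared.
_CHROME_TOKEN = re.compile(r"\bChrome/(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def chromium_version(user_agent):
    """Return the Chromium version in a User-Agent string as a 4-tuple, or None."""
    m = _CHROME_TOKEN.search(user_agent)
    return tuple(int(p) for p in m.groups()) if m else None


def patch_status(user_agent, fixed=FIXED):
    """Classify as 'patched', 'vulnerable', 'unknown' or 'not-chromium'."""
    version = chromium_version(user_agent)
    if version is None:
        return "not-chromium"
    # A reduced User-Agent reports MAJOR.0.0.0, hiding the build number;
    # for the fixed major version that is inconclusive.
    if version[0] == fixed[0] and version[1:] == (0, 0, 0):
        return "unknown"
    # Tuples compare element by element, so 4472.101 < 4472.102 as intended.
    return "patched" if version >= fixed else "vulnerable"


# Constructed sample User-Agent strings (not captured from real hosts).
_BASE = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) "
SAMPLES = {
    "chrome": _BASE + "Chrome/91.0.4472.101 Safari/537.36",
    "edge": _BASE + "Chrome/91.0.4472.77 Safari/537.36 Edg/91.0.864.41",
    "opera": _BASE + "Chrome/90.0.4430.212 Safari/537.36 OPR/76.0.4017.177",
    "vivaldi": _BASE + "Chrome/91.0.4472.102 Safari/537.36",
    "reduced": _BASE + "Chrome/91.0.0.0 Safari/537.36",
    "firefox": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0",
}


def report(samples=SAMPLES):
    """Map each sample name to its patch status."""
    return {name: patch_status(ua) for name, ua in samples.items()}


if __name__ == "__main__":
    for name, status in report().items():
        print(f"{name:8} {status}")
```

The User-Agent is self-reported by the browser, so treat the result as a quick inventory aid and confirm on the About page of the browser itself.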
