IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Google fixes zero-day flaw in Chrome and Chrome OS

Flaw created by memory corruption bug in FreeType font-rendering library

Chrome logo on black background

Google has discovered htat the latest versions of Chrome and Chrome OS contained a zero-day security flaw.

Project Zero, Google’s security team responsible for finding these vulnerabilities, discovered hackers were using the bug to attack Chrome users’ systems. Google patched Chrome’s flaw a few days ago, and has now rolled out a fix for Chrome OS. 

Today’s Chrome OS 86.0.4240.112 update addresses the detected zero-day security flaw on Google Chromebooks. The vulnerability was a memory corruption bug in the FreeType font-rendering library. 

Other functional changes in the Chrome OS update include fixes for the 'Clear all' button and 'Pairing lost' notification, and flags for modifying the protection level against Spectre.

If you’re uncertain whether your Chrome OS is up to date or not, here’s how to find out if there’s a Chrome OS update:

  1. Click the “Settings” gear icon on the lower right corner of your screen
  2. Click “About Chrome OS” on the bottom of the left panel
  3. Find your Chrome OS version under “Google Chrome OS”
  4. Click “Check for updates”
  5. Your Chromebook will automatically download an update if one’s available
  6. Restart your Chromebook to complete the update

Two days ago, Google also launched Chrome version 86.0.4240.111, which included a patch for Chrome’s zero-day security vulnerability. 

Users should have the Chrome patch by now, but you can check if your Chrome browser is up to date with these steps: 

  1. Open your Chrome browser and look the three vertical dots on the top right corner
  2. If the dots are colored, there is a pending update
    1. Green means the update it less than two days old
    2. Orange means the update is about four days old
    3. Red means the update is a least a week old
  3. If the dots are colored, click them to open the menu
  4. Click “Update Google Chrome”
  5. Exit your Chrome browser and reopen it to complete the update

A zero-day security vulnerability is a previously unknown software flaw that would be of interest to the software developer or vendor. Cybercriminals and hackers can exploit this flaw to attack users, computer programs, data, other computers or a network.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Mastering endpoint security implementation
Security

Mastering endpoint security implementation

18 May 2022
The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022

Most Popular

Open source packages with millions of installs hacked to harvest AWS credentials
hacking

Open source packages with millions of installs hacked to harvest AWS credentials

24 May 2022
Nvidia pauses hiring to help cope with inflation
Careers & training

Nvidia pauses hiring to help cope with inflation

23 May 2022
Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022