Chrome 117.0.5938.132 update available

Google is once again securing its Chrome web browser against ongoing attacks. The new update fixes ten security vulnerabilities in Chrome. One is already being exploited. Secure versions for Linux, macOS and Windows have been released.

If you surf the Internet with Chrome, you should make sure that version 117.0.5938.132 is installed. The developers have closed a total of ten security gaps. The according Chrome Releases Blog states that there are already attacks on a vulnerability.

The attacked vulnerability (CVE-2023-5217) has a threat level of high. It affects the final encoding of the video codec VP8 in the video codec library libvpx. If an attack is successful, it should lead to a memory error (heap buffer overflow). This is how most malicious code gets onto systems. How an attack takes place and to what extent the attacks occur is currently unknown.

Two other vulnerabilities (CVE-2023-5186, CVE-2023-5187) are also rated high and lead to memory errors.

To ensure that the browser is already running in the latest version, just click on the settings menu, which can be found to the right of the address bar under the icon with the three stacked dots, and then click Help - About Google Chrome.

The version dialog shows the currently running version of the browser and starts the update process if available. At the end, the dialog prompts you to restart the web browser.