A buffer overflow in WebRTC, a real-time communication standard supported by all major browsers, is the source of the zero-day security flaw. It’s used to create audio and video communication apps for websites.
Google has not released any information about the bug and will not do so until the majority of Google Chrome users have installed the security patch. It has a “high” severity rating. It may allow a malicious website to take control of users’ computers.
As of writing, it has been fixed and is already available in Google Chrome version 103.0.5060.114 for Windows and Chrome 103.0.5060.71 for Android. Users are advised not to browse without updating when an exploit is circulating online. It has been recommended to install the update right away and restart Chrome without waiting for it to complete automatically.
To update, get on Windows, select Help > About Google Chrome from the menu button in the upper-right corner of the Chrome browser window.
On Android, users must update Chrome via the Play Store.
If the update hasn’t already been installed, Google Chrome will find it and install it for users, and they’ll see a progress bar. When Chrome has finished updating, click the “Relaunch” button.