In a blog post on Thursday, Clement Lecigne of Google’s Threat Analysis Group disclosed that two zero-day vulnerabilities were discovered in Google Chrome. Chrome users are being urged to install the latest version of the browser right away.
"Seriously, update your Chrome installs... like right this minute," Google Chrome Security and Desktop Engineering Lead Justin Schuh wrote in a tweet.
The flaw has been deemed a high risk security flaw and has been exploited by hackers since last week.
"Google is aware of reports that an exploit for CVE-2019-5786 exists in the wild," the tech giant said. The company said it has “only observed active exploitation against Windows 7 32-bit systems.” Those users are urged to upgrade to Windows 10.
The bug was first reported on February 27, and Google quietly rolled out an update to address the issue two days later on March 1.
Chrome users are urged to verify that their browser updated automatically by opening Chrome, going to the menu, and then clicking “About Google Chrome.” The latest version of the software, which includes a fix for the issue, is version 72.0.3626.121.
Google said it’s refraining from providing additional details about the bug until a majority of Chrome users have installed the update.