On March 27, 2024, Google released security updates for Chrome to address 7 vulnerabilities, including 2 zero-day vulnerabilities that were exploited during the Pwn2Own 2024 event. This is not the first time zero-day vulnerabilities have been discovered in Chrome. In fact, 8 zero-days have been discovered in Chrome since the beginning of 2024.

A zero-day vulnerability is a software security vulnerability that is unknown to the software vendor until it is exploited in the wild. This gives attackers a “zero-day” window to exploit the vulnerability before a patch can be released.

We recommend that all Chrome users update their browser to at least version 123.0.6312.86/87 on Windows and Mac, and version 123.0.6312.86 on Linux.

How to update:

  1. Open Chrome.
  2. Open the Chrome menu.
  3. Select “About” at the bottom of the menu.
  4. On the “About” page, you will find the version number. On Windows, you can update Chrome from this page.
  5. On other systems, you can update Chrome from the app store.

The Pwn2Own Vancouver event is held annually in Vancouver, Canada. It brings together security researchers from around the world to compete in hacking various operating systems and software. The goal is to discover security vulnerabilities in software and hardware and encourage companies to fix them.