There is another zero-day exploit for Chrome, and Google has issued a security update to fix the vulnerability that is being actively exploited.
Google Chrome browser
The company is rolling out the update -- 107.0.5304.121 -- for Windows, Mac, and Linux over the coming days or weeks.
The vulnerability tracked as in the database of security bugs and vulnerabilities allowed a remote attacker to break out of the Chrome sandbox using a special HTML webpage with a heap buffer overflow.
On its webpage for , Google says it is aware of reports that an exploit for the vulnerability exists in the wild.
Mac users can update the Google Chrome browser automatically by pressing Command-Q to quit the browser, then reopening the app. If the browser hasn't been closed in a while, a button will appear in the app's upper-right corner that says "Update."
Another option is to click on the three-dot "More" icon in the browser's upper-right. Next, select Help, click About Google Chrome and choose Update Google Chrome if it appears.
It's been a rough year for Chrome security. A report from October 5 showed that Chrome was the most vulnerable browser in 2022 with 303 vulnerabilities.
For example, the company patched its seventh zero-day exploit in Chrome at the end of October. It's a popular browser for users, but that also makes it a popular target for attackers.