Click to Skip Ad
Closing in...

Update Chrome, Firefox, Edge, Brave, and Tor to patch this critical bug

Published Sep 14th, 2023 1:40PM EDT
Google Chrome browser running on multiple devices.
Image: Google

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Google Chrome might be the most popular internet browser on the planet, but no matter which browser you prefer, you should update it as soon as possible. On Wednesday, Stack Diary was among the first to report a security vulnerability impacting every top browser. As of Wednesday, Chrome, Firefox, Edge, Brave, and Tor have all rolled out patches for this dangerous bug, so if you haven’t already, be sure to install the update now.

After updating, your browser should be on the following version or higher:

  • Chrome: 116.0.5845.187 for Mac and Linux, 116.0.5845.187/.188 for Windows
  • Firefox: Firefox 117.0.1, Firefox ESR 102.15.1, Firefox ESR 115.2.1, Thunderbird 102.15.1, Thunderbird 115.2.2
  • Edge: 116.0.1938.81
  • Brave: 1.57.64
  • Tor: 12.5.4

As Stack Diary explains, the vulnerability involves a heap buffer overflow in the WebP image format. Many browsers and other software use WebP to compress images. If a threat actor exploited a vulnerability in this image format, it would impact millions of users.

Stack Diary does a great job explaining heap buffer overflows if you’re curious, but all you really need to know is that these bugs can potentially allow attackers to take control of systems, steal data, or introduce malware that users will unknowingly download.

Keeping your software up to date is always important, but especially so for situations like this. Google reported that the vulnerability, which has been designated CVE-2023-4863, has an exploit in the wild. The longer you wait to update your browser, the more likely you are to become a victim of an attack. In other words: Don’t delay, update today!

Jacob Siegal
Jacob Siegal Associate Editor

Jacob Siegal is Associate Editor at BGR, having joined the news team in 2013. He has over a decade of professional writing and editing experience, and helps to lead our technology and entertainment product launch and movie release coverage.