The October 31 disclosure from Google confirmed that the “stable channel” desktop Chrome browser is being updated to version 78.0.3904.87 across the Windows, Mac, and Linux platforms. This urgent update will start rolling out “over the coming days/weeks,” according to Google. Unlike recent Windows 10 security alerts advising not to install an update, Chrome users should ensure they do install this one.
At this moment in time, it is proving hard to find out much specific detail about either of the vulnerabilities concerned, other than the fact that one of the two being fixed by the update is already being exploited in the wild.
Google said that this is because: “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on but haven’t yet fixed.”
That said, both Opdenakker and Thompson also advise users to ensure the Chrome browser update is installed as soon as possible to mitigate any risk.
This should happen automatically over the coming days and weeks; however, I would advise Chrome users to manually trigger the update process using the “Help | About Google Chrome” menu option.