Google has pushed an emergency Google Chrome security update after discovering two zero-day vulnerabilities—meaning the flaws were actively exploited before most users had a fix. If you’re in the US or UK and use Chrome for work, banking, shopping, email, or school, this is a priority update you shouldn’t postpone.
This guide is written for everyone (not just IT teams): what the update means, who’s at risk, how to update Chrome fast, how to confirm you’re protected, and what to do if you can’t update immediately.
Quick summary (for busy readers)
- What happened: Google issued an emergency Chrome update for two zero-day flaws.
- Why it matters: Zero-days can be used to compromise devices via malicious sites/links.
- What to do now: Update Chrome and relaunch. Also update Chromium-based browsers (Edge/Brave/Opera/Vivaldi).
What does “two zero-day flaws” mean?
A zero-day vulnerability is a security hole that attackers can exploit before a patch is widely available. The danger isn’t just that the bug exists—it’s that the exploit is already circulating.
When Google releases an “emergency” update, it usually indicates:
- exploitation is confirmed or strongly suspected “in the wild”
- the issue is serious enough that delaying the patch increases real-world risk
- the update is meant to reach users as quickly as possible
Why emergency Chrome updates are a big deal in 2026
Chrome is one of the most targeted apps on any computer. It sits between you and the internet—and it handles risky content all day: webpages, scripts, ads, media, PDFs, and extensions.
Two zero-days patched at once can point to:
- active campaigns targeting specific groups (then spreading wider)
- multi-step exploit “chains” (for example: one bug to run code, another to break out of the browser sandbox)
Even careful users can be exposed through:
- phishing links (email, SMS “smishing”, social DMs)
- malicious or hacked websites
- malvertising (bad ads served through ad networks)
- compromised downloads or “fake update” prompts
Who’s most at risk in the US & UK?
This patch is for everyone, but these users should treat it as urgent:
High-risk personal users
- people who manage online banking, crypto, or investment accounts
- anyone who shops frequently and stores card details in browsers
- users who reuse passwords or rely on saved sessions
- people who click links from email/newsletters/DMs often
High-risk work/school users
- remote workers on personal devices (“BYOD”)
- journalists, public sector workers, healthcare, education
- anyone using Chrome with many extensions or multiple profiles
- users without automatic updates enabled
How to update Chrome right now (Windows, macOS, Linux)
- Open Google Chrome
- Click the three-dot menu (⋮) → Help → About Google Chrome
- Chrome will check for updates and install automatically
- Click Relaunch (important—patches don’t fully apply until you relaunch)
If you manage multiple devices at home (family PCs/laptops), repeat this on each one.
How to update Chrome on Android and iPhone
Android (US/UK)
- Open Google Play Store → search Chrome → tap Update
iPhone/iPad (UK/US)
- Open App Store → search Chrome → tap Update
Note: iOS browsers use Apple’s WebKit engine, but Chrome iOS still receives security updates and should be kept current.
How to check if you’re protected (quick verification)
After relaunch:
- Go back to Help → About Google Chrome
- Confirm it says “Chrome is up to date” and shows a recent version
If you don’t see the update yet:
- fully quit Chrome (close all windows), reopen, and check again
- updates sometimes roll out gradually—check again later the same day
Can other browsers be affected too? (Edge, Brave, Opera, Vivaldi)
Yes—many browsers are based on Chromium, including:
- Microsoft Edge
- Brave
- Opera
- Vivaldi
These browsers often ship their own updates shortly after Chrome’s security fixes. If you use any of them, open their “About” page and update immediately.
What if you can’t update immediately? (temporary safety steps)
If you’re on a managed work device or updates are blocked, reduce risk until you can patch:
- Avoid links in unexpected emails, texts, and DMs
- Don’t install anything prompted by a browser popup (especially “urgent update” pages)
- Disable non-essential extensions temporarily
- Use a separate Chrome profile for casual browsing (less exposure to saved sessions)
- Log out of high-value sites (banking, email, admin panels) when not needed
If you suspect you clicked something malicious:
- change key passwords (starting with email)
- enable or verify MFA/2FA
- check account logins/security activity pages
- run a reputable endpoint security scan
FAQs (good for SEO + featured snippets)
1) Should I update Chrome even if I don’t notice problems?
Yes. Security updates often fix issues you won’t “feel” until they’re exploited.
2) What’s the fastest way to update Chrome?
Help → About Google Chrome triggers an immediate update check on desktop.
3) Can a browser zero-day infect my device without downloading anything?
Sometimes, yes—modern exploits can trigger through web content. Downloads make it easier, but they aren’t always required.
4) Do I need to uninstall and reinstall Chrome?
Usually no. Updating + relaunching is the correct fix.
5) Are Chromebooks affected?
Chromebooks update through ChromeOS updates. Check for system updates in Settings if you use a Chromebook.
