Google Chrome Zero-Day Flaw under Attack - What to Do Now


Google has updated Chrome to fix 14 security flaws, including a "zero-day" flaw that has been exploited by unknown hackers.

To verify that your desktop version of Chrome for Windows or Mac has been updated to version 91.0.4472.101, click on the three vertical dots in the upper right corner of your browser window, scroll down to "Help" and, from the menu that appears, click "About Google Chrome".

A new tab will open. If the browser displays that it is up-to-date, you are done. If not, a newer version will automatically be downloaded and you will then need to restart your browser. (Linux users may need to wait for the next update of their distribution.)

This zero-day, cataloged as CVE-2021-30551, is related to a flaw in Windows, also a zero-day, that Google researchers discovered last week and Microsoft patched yesterday (June 8). This is according to Shane Huntley, director of Google's threat analysis group.

The Chrome zero-day was categorized in a Chrome Releases blog post today as being due to a "type confusion in V8."

V8 is the open source JavaScript rendering engine used by Chrome, Brave, Microsoft Edge, Opera, Vivaldi, and other browsers based on the Chromium project.

As of this writing Wednesday evening (EST), the flaw has not been patched in any of these four other browsers, but we will show you how to check at the end of this article.

It is not clear how technically similar the Chrome and Microsoft zero-days are. The Microsoft one affects HTML parsing used by Internet Explorer and other legacy software, but Chromium-based Edge uses that software only when in "Internet Explorer mode."

Bleeping Computer notes that this is the sixth zero-day flaw in Chrome patched in 2021; the two patched by Google in April were discovered by Kaspersky and patched by Microsoft yesterday (June 8). They were used in conjunction with the Microsoft flaws.

All of these zero-day flaws appear to be used in sophisticated nation-state attacks against specific targets, possibly for espionage purposes. However, as the details of the flaws become clearer, criminals may begin to use the flaws for more indiscriminate attacks against a wider range of targets.

The security risk from today's Chrome zero-day is rated "high." However, there is another fix for a flaw rated "Critical" related to "use after free of BFCache"; that vulnerability exists in the way Chrome keeps recently viewed web pages in the computer's running memory.

A list of the latest Chrome/Chromium updates can be found here.

Of the other Chromium browsers, Brave uses Chrome's version number, making it easy to check if it is up-to-date.

In Edge, you must type "edge://version" in the address bar and press Enter or Return. Edge and Brave can be updated in the same way as Chrome.

For Opera and Vivaldi, click the browser icon in the upper left corner, then click Help > About. Under "User Agent" or "Browser Identification," you will see the corresponding Chrome version number.

In Opera, if an update is available on this page, it will start updating; in Vivaldi, click Help > Check for Updates.
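The same check can be scripted for more than one machine. The following is an added example, not part of the original article: it pulls the Chrome version number out of a browser's User-Agent string and compares it with 91.0.4472.101. The sample User-Agent strings are constructed, and the script assumes, as the article does, that a Chromium-based browser is up-to-date once its reported Chrome version reaches that number.

```python
import re

# Version the article gives as the patched desktop Chrome release.
PATCHED = (91, 0, 4472, 101)

# Chromium-based browsers keep a "Chrome/<major>.<minor>.<build>.<patch>"
# token in their User-Agent string next to their own product token.
_CHROME_TOKEN = re.compile(r"\bChrome/(\d+)\.(\d+)\.(\d+)\.(\d+)\b")

def chromium_version(user_agent):
    """Return the Chrome version in a User-Agent string as a tuple, or None."""
    match = _CHROME_TOKEN.search(user_agent)
    if match is None:
        return None
    return tuple(int(part) for part in match.groups())

def status(user_agent, patched=PATCHED):
    """Classify a User-Agent string as 'patched', 'outdated' or 'unknown'."""
    version = chromium_version(user_agent)
    if version is None:
        return "unknown"  # no Chrome token: not a Chromium-based browser
    # Tuples compare field by field as integers, so 91.0.4472.77 sorts
    # below 91.0.4472.101; comparing the raw strings would get this wrong.
    return "patched" if version >= patched else "outdated"

def audit(inventory):
    """Map each host name in {host: user_agent} to its status."""
    return {host: status(ua) for host, ua in inventory.items()}

# Constructed sample inventory (hypothetical hosts and User-Agent strings).
_BASE = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) "
SAMPLE_INVENTORY = {
    "desk-chrome": _BASE + "Chrome/91.0.4472.101 Safari/537.36",
    "desk-edge": _BASE + "Chrome/91.0.4472.77 Safari/537.36 Edg/91.0.864.41",
    "desk-opera": _BASE + "Chrome/90.0.4430.212 Safari/537.36 OPR/76.0.4017.177",
    "desk-firefox": "Mozilla/5.0 (X11; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0",
}

if __name__ == "__main__":
    for host, result in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {result}")
```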
