Phish Files
Abstract Aliens On Flying Saucers Northern Lights Lighthouse Mountains Water Tree Sun Background Gradient Unidentified Flying Object Ufo Stars Vector Design Style Landscape
Phish Files Articles
November 19, 2025

Critical Security Alert: Required Update for All Chrome-Based Web Browsers

Posted in: News

What is happening?

A critical security flaw has been discovered in Google Chrome that is currently being used by hackers to attack devices.

The Risk:

Simply visiting a malicious website can allow attackers to get access to your accounts through the web browser.

The Impact:

This can lead to the theft of your passwords, access to your logged-in accounts (like email or banking), or the installation of malicious software.

This affects Windows, Mac, and Linux computers and Android mobile devices. We recommend everyone update their web browsers immediately to stay safe.

Note: University-owned devices will update automatically. Just follow any on-screen prompts if your computer asks you to confirm or restart.

Action Required: Follow the steps for your device below

1. Windows & macOS Users (Laptop/Desktop)

Applies to: Google Chrome, Microsoft Edge, Brave, Opera

For Google Chrome:

  1. Open Chrome.
  2. Click the three vertical dots (⋮) in the top-right corner.
  3. Select Help > About Google Chrome.
  4. The browser will automatically check for updates.
  5. CRITICAL: Once the download finishes, click the “Relaunch” button. The update is not active until you restart the browser.

For Microsoft Edge:

  1. Click the three dots (…) in the top-right.
  2. Go to Help and feedback → About Microsoft Edge.
  3. Wait for the update to install, then click Restart.

Verification: After restarting, go back to the “About” page. It should say “Chrome is up to date” (Version 142.0.xxxx or higher).

2. Android Users (Samsung, Pixel, etc.)

Applies to: Chrome on Android

  1. Open the Google Play Store app on your phone.
  2. Tap your Profile Icon (top right corner).
  3. Tap Manage apps & device.
  4. Tap Updates available.
  5. Find Google Chrome in the list and tap Update.

Note: If you use Microsoft Edge on Android, update that as well.

FAQ

What is the Chromium vulnerability everyone is talking about?

A recently discovered security flaw in Chromium (the engine behind Chrome, Edge, Brave, etc.) could allow attackers to run harmful code or steal information if a user visits a malicious website. The browser makers have released a security patch to fix it.

Does this affect Chrome, Edge, and other browsers, or just one?

It affects any browser built on Chromium — this includes Google Chrome, Microsoft Edge, Opera, Brave, and others. All of them need to be updated.

What does this vulnerability allow attackers to do?

If exploited, an attacker could potentially crash your browser, run unauthorized code, or redirect you to malicious content. In most cases, exploitation requires visiting a harmful website.

Does this vulnerability put my university account or data at risk?

Potentially — if your browser is out of date and you visit a malicious site, attackers may attempt to exploit the bug. Updating your browser fully protects you.

Is this connected to phishing or malware we’ve seen on campus?

Not directly. However, attackers often combine browser vulnerabilities with phishing or fake links, so staying updated helps reduce your risk overall.

Could my computer be compromised if I use campus Wi-Fi?

No — the Wi-Fi isn’t the issue. The risk comes from running an outdated browser. Updating your browser eliminates the vulnerability regardless of where you connect.

How do I know if my Chrome/Edge browser is up to date?

Chrome: Go to Settings → About Chrome. It will automatically check and update.
Edge: Go to Settings → About Microsoft Edge. It will update there as well.
 Once it shows “Up to date,” you’re good.

Do university-owned computers update automatically?

Yes, most university-managed computers receive updates automatically. Users may still see a prompt to restart the browser — clicking “Relaunch” completes the update.

Do I need to restart my browser or my computer?

Yes. The update doesn’t fully apply until you relaunch the browser. A computer restart isn’t required, but it doesn’t hurt.

What version number should I look for to confirm I’m safe?

Look for the latest version your browser provides after updating. The “About” page will also tell you if you need to relaunch to finish installing the security patch.

What should I do if I think my browser was exploited?

  1. Update your browser immediately.
  2. Run a malware scan.
  3. Change your passwords if you notice unusual behavior.
  4. Reach out to the IT Service Desk if anything seems off — we can check your device.

Is it still safe to browse the web while waiting for the update?

It’s best to update before browsing. The process only takes a minute. Avoid clicking unknown links until your browser is fully patched.

Do I need to change my passwords after this vulnerability?

Not unless you experienced strange behavior (unexpected logins, pop-ups, browser crashes). Staying updated is the key protective step.

Who do I contact if the update won’t install?

Contact the IT Service Desk. They can remote in or guide you through a manual update.

Can IT push the update to my device?

For university-managed machines, yes — IT can deploy or verify updates. Personally owned devices must be updated by the user.