• A critical Chrome vulnerability enabled real-world attacks, prompting Google to issue an emergency update
• Google urges users to update their browser immediately

Google has warned that more than two million Chrome users may be exposed to attacks targeting laptops and desktop computers, after hackers successfully exploited a newly discovered vulnerability.

The company was forced to roll out an emergency update for all users after identifying the severity of the zero‑day flaw — meaning attackers had the opportunity to exploit it before any security patch was released.

Google explained that the vulnerability lies in Chrome’s V8 engine, the component responsible for executing website code, which could allow hackers to run malicious software on targeted devices.

The flaw was detected by Google’s Threat Analysis Group, though it remains unclear how long it had been hidden inside the browser’s JavaScript engine. The company noted that the bug evaded routine checks because it had remained dormant for an extended period.

Once direct attacks began targeting the vulnerability, signs such as unusual browser crashes and abnormal behavior started to surface, making the flaw visible.

The vulnerability could potentially be exploited remotely, allowing attackers to disrupt systems, execute harmful code, or spread malware.

Google urged users to update Chrome immediately, noting that the fix will only take effect after restarting the browser and closing all open tabs.

The company added that details and links related to the vulnerability will remain restricted until most users have installed the patch. Restrictions may also continue if the flaw exists within a third‑party library used by other projects that have yet to release their own fixes.