Chrome and Firefox fix big security bugs — how to update now
Make sure your browsers are fully patched
Google and Mozilla each upgraded their Chrome and Firefox browsers this week, squashing a number of security issues. Make sure your browsers are up to date.
Several of the flaws allow remote code execution — i.e., hacking — by malicious websites, although the details are being kept under wraps so that actual crooks and spies don't use them until most users have patched their browsers.
- Best antivirus software to keep your system clean
- The best Android browsers for your phone or tablet
- Plus: Google Pixel 5 just fully leaked — here's the final design and specs
The best antivirus software for Windows and for Mac will stop malware from being installed via web browsers, but you can't be too careful.
Chrome's update to version 85.0.4183.121 on the desktop fixes 10 security flaws, five of which were categorized as "high" severity, according to the official Chrome blog.
Three of those permit remote hacking by a specially designed malicious website, according to the Common Vulnerabilities and Exposures Database; the other two make Chrome vulnerable to malicious browser extensions.
How to update Chrome
Your desktop Google Chrome browser will generally update itself in Windows, Mac and Linux as long as you periodically close and relaunch the browser. Updates to version 85.0.4183.121 will be rolled out to all users "over the coming/days weeks," the Chrome blog said.
To force a Google Chrome browser update, click the three vertical dots at the top right of your Chrome browser window, scroll down to help, and then select About Google Chrome in the fly-out menu that appears.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
A new tab will open that will check to see if you're on the latest version, and update you if you're not. (Some Linux distributions will instead push out updates through their normal software-update channels).
Firefox security flaws
Firefox 81.0, released yesterday (Sept. 22), patches six security flaws and applies to Android as well as the desktop OS's. Three of them are described as having "high" potential impact, all of which involve memory corruption, one of the primary reasons vulnerabilities happen in any form of software.
"We presume that with enough effort some of these could have been exploited to run arbitrary code," Mozilla wrote in its security advisory.
Firefox 81 also adds some new usability features, such as the ability to pause and play audio and video from a keyboard or headphones, save and auto-fill credit-card numbers and fill in PDF forms. It also adds a pink-and-purple "Alpenglow" theme.
How to update Firefox
Like Chrome, Firefox should automatically update itself when you launch the browser.
To force a manual update, go to the three stacked lines at the top right of the desktop browser window, then scroll down to and select Help at the bottom of the menu. Select "About Firefox" in the fly-out menu, and a pop-up window will appear that checks to see whether your installation of Firefox is up-to-date.
You can also download full builds of Firefox 81 for all supported desktop platforms from the Firefox FTP website.
Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.