2 billion Google Chrome users at risk as hackers deploy bug to break into people's devices

Google has warned that more than 2 million Chrome users could be at risk of an attack on their computers and laptops after hackers successfully infiltrated the browser.

The tech giant has been forced to deploy an emergency update for all desktop users after discovering the severity of the zero-day threat.

Google issued a warning that hackers had found a new way to break into the Chrome browser, which was being used to attack people's devices.

They explained that the weakness is inside Chrome's V8 engine, which is the part of Chrome that runs websites' code, meaning a bug in that area allows hackers to make Chrome do things like run harmful code.

The bug was spotted by Google's Threat Analysis Group last week and was considered to be a 'zero day' threat, which is when there are zero days to create a patch or fix it, leaving users vulnerable to exploitation by attackers.

Google Chrome

It's unknown just how long the bug had been hidden away in the browser's JavaScript, however Google has admitted it had bypassed normal checks because it was dormant all the while.

It wasn't until attackers started directly targeting this vulnerability that the bug became visible in the form of crash logs and behavioural anomalies.

While there's little information on the ground about the threat, this type of flaw can allow remote attackers to destabilise a system or run their own code, allowing them to push malicious software onto targeted devices.

How can Google Chrome users protect themselves?

Google has issued a security update (Gabby Jones/Bloomberg via Getty Images)

Google has issued a security update, which means all Chrome users should update their browsers as soon as possible.

The update should download automatically, but it won't install until you've restarted your browser.

This means, if you're the type of person to have tabs open on your laptop for weeks at a time, you'll need to close them all and restart your browser to get the protection needed against the bug.

As is the case with most cyber security issues, Google said in a statement that 'access to bug details and links may be kept restricted until a majority of users are updated with a fix'.

"We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed."