Google Chrome users who are still running Windows 7 or Windows 8 could be left vulnerable to cyberattacks because they will no longer be able to update to the latest version of the browser.
The latest version of Google Chrome (Chrome 110) provides users with protection against several known cybersecurity issues, including three classed as high-risk -- but users who are still running Windows 7 or Windows 8 won't be able to install the update because Chrome no longer supports updates on these versions of Windows.
"Chrome 109 is the last version of Chrome that will support Windows 7, Windows 8/8.1, Windows Server 2012, and Windows Server 2012 R2. Chrome 110 is the first version of Chrome that requires Windows 10 or later. You'll need to ensure your device is running Windows 10 or later to continue receiving future Chrome releases," Google said in a blog post at the end of last year.
In an email to ZDNET, a Google spokesperson confirmed that, for Windows users, Google Chrome 110 and future updates will only be supported on Windows 10 and later updates, including Windows 11.
Google Chrome 110 update is rolling out as normal for Windows 10 and Windows 11 users, along with Mac and Linux users. In most cases, the update will be downloaded automatically and will be implemented after restarting the browser.
The new update fixes 15 security vulnerabilities, including three classed as high-risk.
CVE-2023-0697 is a vulnerability in the browser affecting full-screen mode that could allow a remote attacker to spoof contents of the security UI via a crafted HTML page, potentially putting the user at risk if they interact with the page to the extent that attackers could use the flaw to execute remote code.
Meanwhile, CVE-2023-0698 is an out-of-bounds vulnerability in WebRTC, an open-source project that provides browsers with real-time communication via application programming interfaces. An out-of-bounds vulnerability reads data past the end, or before the beginning, of the intended buffer, potentially allowing attackers to read sensitive information from other memory locations or cause a crash.
As with Google's usual protocols around security fixes, full details on some of the vulnerabilities aren't being made public until the update has been released and users are protected.
"Access to bug details and links may be kept restricted until a majority of users are updated with a fix," said Google.
"We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel," the company added.
It's recommended that users install Chrome 110.0.5481.77/.78 for Windows, and 110.0.5481.77 for Mac and Linux, to protect against cyberattacks and security issues. Windows users who are still running the now-unsupported operating systems of Windows 7 and Windows 8 are urged to upgrade to Windows 10 or later.