Google has released an update for Chrome that patches three security bugs, one of which is a zero-day vulnerability that is currently being exploited. The vulnerability, under the identifier CVE-2020-6418, was discovered by Clement Lecigne, a member of Google's Threat Analysis Group, on February 18.
While it is known that the vulnerability is being exploited in the wild, information on how it is being used is not public yet. The vulnerability has been patched in Chrome version 80.0.3987.122. The update is rolling out to all Windows, Mac, and Linux users. However, it is not known when an update with the patch will make it to the mobile versions of the browser.
The search giant patched Chrome’s first zero-day vulnerability back in March 2019 when it disclosed the security risk along with a vulnerability in Windows 7. Since the patch fixes a zero-day that is currently being exploited in the wild, it is best for users to update their browsers to the latest version (80.0.3987.122). You can download the update using the offline installer here, or head to the three-dot menu on Chrome > Help > About Google Chrome, and force the update.