Google has advised Chrome users to update the web browser to the latest version in order to avoid being targeted by cybercriminals.

Late last week, the company released Chrome 99.0.4844.84 for Windows, Mac, and Linux, which fixes a high-severity zero-day vulnerability that allows for remote code execution.

In an advisory published alongside the update, the company explained that the issue has already been abused in real-life scenarios. "Google is aware that an exploit for CVE-2022-1096 exists in the wild," wrote the firm.

Tracked as CVE-2022-1096, the Google Chrome vulnerability is described as a type confusion weakness in the Chrome V8 JavaScript engine.

It allows an attacker to crash the browser and execute arbitrary code, which means it could be abused for denial-of-service attacks or to infect devices with malware and ransomware.

Because the flaw is being abused in the wild, Google is deliberately withholding additional information until users are able to patch up their systems.

"Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google said. "We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven't yet fixed."

The fix is already out, but it could take weeks before it reaches each and every Chrome user, Google says. Anyone looking to check whether their client has updated automatically can do so via Chrome Menu > Help > About Google Chrome, which leads to a page that reveals the current version number and lists any available updates.
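For administrators checking many machines rather than one About page, the sketch below compares reported version strings against the fixed release 99.0.4844.84. It is an added example, not from Google or the original article; the inventory format, hostnames and sample version strings are constructed assumptions.

```python
import re

# Fixed release named in the article (Windows, Mac and Linux).
FIXED = (99, 0, 4844, 84)

# Four dot-separated numeric fields, the shape of a Chrome version number.
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)\.(\d+)(?![\d.])")


def parse_version(text):
    """Return the first four-part version in text as a tuple of ints, or None."""
    m = _VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None


def status(text, fixed=FIXED):
    """Classify a reported version string as 'patched', 'vulnerable' or 'unknown'."""
    v = parse_version(text)
    if v is None:
        return "unknown"  # unparseable report: needs a manual check
    # Tuple comparison is numeric per field, so 100.x > 99.x and .9 < .84;
    # comparing the raw strings would get both of those cases wrong.
    return "patched" if v >= fixed else "vulnerable"


def audit(inventory):
    """Map host -> status for an iterable of (host, reported_version) pairs."""
    return {host: status(reported) for host, reported in inventory}


# Constructed sample inventory (hostnames and version reports are made up).
SAMPLE = [
    ("ws-01", "Google Chrome 99.0.4844.84"),
    ("ws-02", "Google Chrome 99.0.4844.83"),
    ("ws-03", "Version 99.0.4844.9 (Official Build) (64-bit)"),
    ("ws-04", "Google Chrome 100.0.0.0"),
    ("ws-05", "not installed"),
]

if __name__ == "__main__":
    for host, result in audit(SAMPLE).items():
        print(f"{host}: {result}")
```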

TechRadar