- Chrome was updated by Google due to a serious security vulnerability. This could allow a remote attacker to run malicious code and further compromise a device. For more details on this vulnerability, See here: https://chromereleases.googleblog.com/2020/11/chrome-for-android-update.html
- While there are known exploits that use this vulnerability to attack a device, it is worth noting that a vulnerable app detection does not inherently mean your device has been hacked or otherwise compromised.
- This vulnerability is considered High-Severity and Chrome should be updated immediately to correct this issue.
Lookout is actively detecting and reporting to our customers if a version of Chrome is installed that has this vulnerability. In general, updating Chrome to the latest version will resolve this issue. This is done by searching for Chrome in the Play Store on your device and choosing the 'Update' option on the Play Store Page.
The detection will appear as follows:
There are a few fringe cases that may apply to you:
- A. No update for Chrome is available in the Play Store
- B. Chrome is not found on your device
- C. Lookout suggests to uninstall Chrome
- D. Lookout detects Chrome as vulnerable with a very old detection date
If any of these situations apply, please review the corresponding point below:
A. If no update for Chrome is available in the Play Store, there is most likely a delay as Google is pushing this update out to millions of users. Please check back over the next few days to get this update. You can also enable Auto-Update for Play Store apps in the Play Store>Menu>Settings>Auto-Update Apps.
B. If Lookout is detecting this vulnerability, but you can't find Chrome on your device, the app is most likely disabled. Chrome is factory installed on the vast majority of Android devices. This means it can not be uninstalled, but it can be disabled to prevent it from appearing on your device.
Follow these steps to remedy this situation:
- Open the Play Store and search for Chrome.
- On the Play Store page tap 'Enable'
- On the same page choose 'Update'
- Open Lookout, Chrome should no longer be detect as vulnerable.
You can then disable Chrome again if you wish:
- Open Android Settings
- Navigate to Apps>App info and find Chrome
- Tap Disable
C. If Lookout is suggesting to uninstall Chrome, you most likely can not as it comes factory installed on many Android devices. In this case, Lookout is out dated. Please update it from our Play Store page. Once updated, Lookout should properly suggest and guide you through updating Chrome.
D. Lookout may show a very old detection date for Chrome. This is the date we first detected this version of the app on your device. The vulnerability was only recently discovered which is why you are being notified of the detection now.