Skip to main content

Google Chrome emergency update fixes first zero-day of 2023

Google has released an emergency Chrome security update to address the first zero-day vulnerability exploited in attacks since the start of the year.

"Google is aware that an exploit for CVE-2023-2033 exists in the wild," the search giant said in a security advisory published on Friday

The new version is rolling out to users in the Stable Desktop channel, and it will reach the entire user base over the coming days or weeks.

Chrome users should upgrade to version 112.0.5615.121 as soon as possible, as it addresses the CVE-2023-2033 vulnerability on Windows, Mac, and Linux systems.

This update was immediately available when BleepingComputer checked for new updates from the Chrome menu > Help > About Google Chrome.

The web browser will also automatically check for new updates and install them without requiring user interaction after a restart.

​​Attack details not yet disclosed

The high-severity zero-day vulnerability( CVE-2023-2033 )
is due to a high-severity
type confusion weakness in the Chrome V8 JavaScript engine.

The bug was reported by Clement Lecigne of Google's Threat Analysis Group (TAG), whose primary goal is to defend Google customers from state-sponsored attacks.

Google TAG frequently discovers and reports zero-day bugs exploited in highly-targeted attacks by government-sponsored threat actors aiming to install spyware on devices of high-risk individuals, including journalists, opposition politicians, and dissidents worldwide.

Although type confusion flaws would generally allow attackers to trigger browser crashes after successful exploitation by reading or writing memory out of buffer bounds, threat actors can also exploit them for arbitrary code execution on compromised devices.

While Google said it knows of CVE-2023-2033 zero-day exploits used in attacks, the company has yet to share further information regarding these incidents.

"Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google said.

"We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed."

This will allow Google Chrome users to upgrade their browsers and block attack attempts until technical details are released, allowing more threat actors to develop their own exploits.

Comments

Post a Comment

Popular posts from this blog

Episode 03: Sabito and Makomo Demon Slayer season 3 Hindi watch and @followers #demonslayer

Episode 03: Sabito and Makomo Demon Slayer season 3 Hindi watch and @followers #demonslayer link 👉 Click & watch
Post a Comment
Read more

Explore Your Project with Graphic Designer Md Aman - He'll Give it His Best!

Are you looking to make your project stand out with professional designs? Look no further than Md Aman, a talented graphic designer who is ready to give your project his very best. He has a wealth of experience and knowledge of the industry that will ensure you get the perfect result. With Md Aman, you'll be able to explore your project in exciting new ways that will make it stand out and impress everyone. Get ready to experience the best graphic design services available today!
Post a Comment
Read more

Benefits of Angular.js, RoR, & Product Software Dev for Your Next Project

Benefits of Angular.js, RoR, & Product Software Dev for Your Next Project Are you planning a new project and not sure which language or framework to use? Angular.js, Ruby on Rails, and product software development are all great options for your app or website. Each has unique benefits that can help make the development process faster and easier. In this article, we will discuss the advantages of each option, so you can decide which is best suited for your needs. This article will examine why Angular.js is an excellent choice for building single-page applications. We’ll also discuss how Ruby on Rails offers developers a highly productive platform with built-in tools for rapid application development (RAD). Finally, we’ll determine what makes product software development attractive when creating complex products like e-commerce websites or mobile apps. Three Software Tools for Your Projects All three software tools have advantages and can be used to create various applica...
Post a Comment
Read more