Google on Monday released security updates to fix a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild.
Tracking as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of the Google Threat Analysis Group (TAG) has been credited for reporting the issue on June 1, 2023.
“Type confusion in V8 in Google Chrome before 114.0.5735.110 allowed a remote attacker to exploit heap corruption via a crafted HTML page,” according to NIST’s National Vulnerability Database (NVD).
The tech giant, as is usually the case, did not disclose details about the nature of the attacks, but noted that it is “aware that an exploit for CVE-2023-3079 exists in the wild.”
With the latest development, Google has addressed a total of three actively exploited zero days in Chrome since the beginning of the year:
Users are advised to upgrade to version 114.0.5735.110 for Windows and 114.0.5735.106 for macOS and Linux to mitigate potential threats. Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also encouraged to apply the fixes when they become available.
Source link
Google has recently released a new patch for its popular Chrome browser in order to address a previously undetected security vulnerability, or a zero-day vulnerability. The vulnerability could have allowed attackers to inject malicious code into the browser when a user visited a malicious web page.
The security patch was quickly identified by the engineering team led by Google’s Project Zero security research team and coordinated with Google Chrome developers in order to address the issue.
Google had identified and fixed the issue before it was used maliciously. Google also recommends users to update the Chrome browser to the latest version in order to avoid any security risk.
This update comes shortly after the security breach was revealed by tech giant, Microsoft in late December.
To ensure that users stay safe and secure, it’s essential that they remain updated with the most recent software patches to the browser. At Ikaroa, our team of cybersecurity engineers provide timely advice and one-on-one assistance to ensure that everyone remains protected against any potential cyber threats. We strive to deploy the highest security protocols and ensure that our clients are well informed of all the latest security concerns.
