Google releases emergency update to fix zero-day Chrome vulnerability

In response to the first zero-day vulnerability exploited in attacks since the start of the year, Google has released an emergency Chrome security update.

“Google is aware that an exploit for CVE-2023-2033 exists in the wild,” Google said in a security advisory.

The new version is currently being rolled out to users in the Stable Desktop channel, and it will eventually reach the full user base.

Chrome users will need to update to the new version as soon as possible since it fixes the CVE-2023-2033 vulnerability on Windows, Mac, and Linux computers.

Users can check for updates by going to the Chrome menu > Help > Google Chrome.

According to BleepingComputer, the high-severity zero-day vulnerability (CVE-2023-2033) is due to a high-severity type confusion weakness in the Chrome V8 JavaScript engine.

Discover the stories of your interest


Clement Lecigne of Google’s Threat Analysis Group (TAG), whose major mission is to protect Google customers from state-sponsored attacks, reported the bug.Moreover, the report mentioned that in spite of Google claiming that its knowledge of CVE-2023-2033 zero-day exploits has been used in attacks, the company has yet to provide further details.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google was quoted as saying.

“We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” it added.

Stay on top of technology and startup news that matters. Subscribe to our daily newsletter for the latest and must-read tech news, delivered straight to your inbox.

For all the latest Technology News Click Here 

Read original article here

Denial of responsibility! TechAI is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.