Google releases emergency update to address critical chrome zero-day vulnerability

Share post:

Google has issued an emergency update to its Chrome browser to fix a significant zero-day security hole that might allow malicious actors to take control of a user’s device by running arbitrary code in the browser.

The vulnerability, CVE-2023-2033, provides a high-severity risk to Chrome users using desktop versions prior than 112.0.5615.121. The security flaw is said to exist in Chrome’s V8 JavaScript engine and can be exploited by a rogue webpage. Experts believe the exploit code is already in circulation and being used by crooks.

Clément Lecigne of Google’s Threat Analysis Group discovered and reported the vulnerability on April 11, according to Google. The online giant revealed that it is aware of a CVE-2023-2033 attack propagating in the open. Google has corrected the first zero-day issue in Chrome this year with this emergency release.

Users are encouraged to upgrade their browsers to the most recent version as soon as possible, either automatically or manually. On April 14, Google issued version 112.0.5615.121 for Windows, Mac, and Linux to address the security problem.

The nature of the exploit and its possible implications have not been disclosed in full. Other security updates from internal audits, fuzzing, and other projects are also included in the new Chrome.

The sources for this piece include an article in TheRegister.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways