Emergency update: Fixed first zero-day vulnerability in 2023 for Google Chrome


There is an important security update for Google Chrome. The new update is recommended for all users as it fixes a vulnerability that has been identified as high risk and is actively being exploited. The update is already available in the WinFuture download area.

Google has released Chrome version 112.0.5615.121 for Windows, Mac and Linux. According to the description, it is an emergency update that fixes a highly dangerous zero-day vulnerability that is already being exploited in the wild: “Google is aware that an exploit for CVE-2023-2033 exists in the wild.” , it says in the newly published security advisory. This is the first charm zero-day vulnerability this year.

Apply updates as soon as possible

The new version 112.0.5615.121 is already being rolled out worldwide in the stable desktop channel (via Bleeding computer). If you use Chrome, you can also force the update by checking for updates via the browser settings (Chrome menu > Help > About Google Chrome > Updates). The web browser also automatically checks for new updates and, if possible, installs them after the next start or indicates an available update.
Internet browser infographic: Germany surfs the Chrome wave

The fixed zero-day bug is a serious type confusion vulnerability in the Chrome V8 JavaScript engine that was reported by an anonymous security researcher. While type confusion errors generally lead to browser crashes when successfully exploited by reading or writing memory outside of the buffer bounds, attackers can also exploit them to execute arbitrary code. However, details of utilization are not yet available.

Details of utilization not known

Since Google says it has already discovered active attacks on this vulnerability, no further technical details or additional information on the exploit are currently being published. “Access to error details and links will remain restricted until a majority of users have received an update,” reports Google. This is standard practice to avoid attracting free riders who want to exploit the vulnerability after it has been discovered.

“We will also keep limitations when the bug exists in a third-party library that other projects depend on in a similar way, but have not yet been fixed.” This includes the Microsoft Edge web browser.

Summary

  • Google Chrome 112.0.5615.121 released: fixes high-risk vulnerability (zero-day bug)
  • Vulnerability: Type confusion error in JavaScript engine V8
  • Update available in the WinFuture download area
  • Active attacks on vulnerability detected
  • Restrictions on error details to deter free riders
  • Update recommended immediately to ensure security

Download Chrome – Google’s browser

Browser, Logo, Chrome, Web Browser, Google Chrome, Chrome Browser, Chrome Logo, Google Chrome Browser, Chrome for Android

Browser, Logo, Chrome, Web Browser, Google Chrome, Chrome Browser, Chrome Logo, Google Chrome Browser, Chrome for Android

Share This:

California18

Welcome to California18, your number one source for Breaking News from the World. We’re dedicated to giving you the very best of News.

Leave a Reply