Monday, December 23, 2024
HomeCyber Security NewsGoogle Chrome Zero-Day Vulnerability Exploited Widely - Urgent Update

Google Chrome Zero-Day Vulnerability Exploited Widely – Urgent Update

Published on

SIEM as a Service

Google has recently taken prompt security measures by releasing a security update for its Chrome web browser, aiming to fix the third zero-day vulnerability of this year that hackers have exploited.

The third Chrome zero-day vulnerability that was fixed recently by Google has been tracked as “CVE-2023-3079.”

Exploitation of Zero-day

Detailed information regarding the exploit and its application in attacks has not been disclosed by the company, with the focus limited to highlighting the severity of the flaw and its classification.

- Advertisement - SIEM as a Service

In the event of discovering a new security flaw, Google always follows its traditional protocol of not disclosing any technical information or data related to the flaw.

This action aims to ensure users’ protection until a significant portion of them have successfully migrated to the secure version. 

Not only that even this approach also restricts malicious actors from exploiting the disclosed information to create additional exploits.

Google’s researcher, Clément Lecigne, uncovered CVE-2023-3079 on June 1, 2023, marking it as a high-severity vulnerability.

This flaw resides in V8, Chrome’s JavaScript engine that is responsible for the interpretation and execution of code in the browser.

Type confusion bugs occur when the engine incorrectly identifies the object’s type at runtime, which can result in dangerous manipulation of memory and the execution of arbitrary code. 

These bugs pose a serious threat as they can enable malicious activities and compromise system security by exploiting the engine’s misinterpretation of object types.

Chrome Stable Channel Update

Sophisticated state-sponsored threat actors frequently exploit zero-day vulnerabilities, specifically targeting influential individuals in several critical organizations. 

So, to ensure the utmost security, it is highly advised that Chrome users promptly update their vulnerable version of Chrome.

Taking immediate action to update your browser will help safeguard against potential attacks and protect against potential risks.

Over the upcoming days/weeks, the 114.0.5735.106 update for Mac and Linux and the 114.0.5735.110 update for Windows will be gradually rolled out to the Stable and extended stable channels.

Update Chrome

Here below we have mentioned the simple steps to update your Chrome browser:-

  • Firstly you have to open the Chrome browser on your computer.
  • Then you have to open the browser window’s Chrome settings menu in the upper right corner (Three vertically aligned dots).
  • Now you have to click on the settings menu to open the drop-down menu.
  • Then select the “Help” option.
  • Now, in the “Help” submenu, click on “About Google Chrome”.
  • That’s it, now if an update is available, Chrome will automatically start downloading and installing it.
  • Once the update is finished, relaunch Google Chrome to ensure the latest version is applied.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...

Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications

A seemingly benign health app, "BMI CalculationVsn," was found on the Amazon App Store,...

Lazarus Hackers Using New VNC Based Malware To Attack Organizations Worldwide

The Lazarus Group has recently employed a sophisticated attack, dubbed "Operation DreamJob," to target...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...

Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications

A seemingly benign health app, "BMI CalculationVsn," was found on the Amazon App Store,...