Tuesday, October 15, 2024
HomeCyber Security NewsGoogle Chrome Zero-Day Vulnerability Exploited Widely - Urgent Update

Google Chrome Zero-Day Vulnerability Exploited Widely – Urgent Update

Published on

Malware protection

Google has recently taken prompt security measures by releasing a security update for its Chrome web browser, aiming to fix the third zero-day vulnerability of this year that hackers have exploited.

The third Chrome zero-day vulnerability that was fixed recently by Google has been tracked as “CVE-2023-3079.”

Exploitation of Zero-day

Detailed information regarding the exploit and its application in attacks has not been disclosed by the company, with the focus limited to highlighting the severity of the flaw and its classification.

- Advertisement - SIEM as a Service

In the event of discovering a new security flaw, Google always follows its traditional protocol of not disclosing any technical information or data related to the flaw.

This action aims to ensure users’ protection until a significant portion of them have successfully migrated to the secure version. 

Not only that even this approach also restricts malicious actors from exploiting the disclosed information to create additional exploits.

Google’s researcher, Clément Lecigne, uncovered CVE-2023-3079 on June 1, 2023, marking it as a high-severity vulnerability.

This flaw resides in V8, Chrome’s JavaScript engine that is responsible for the interpretation and execution of code in the browser.

Type confusion bugs occur when the engine incorrectly identifies the object’s type at runtime, which can result in dangerous manipulation of memory and the execution of arbitrary code. 

These bugs pose a serious threat as they can enable malicious activities and compromise system security by exploiting the engine’s misinterpretation of object types.

Chrome Stable Channel Update

Sophisticated state-sponsored threat actors frequently exploit zero-day vulnerabilities, specifically targeting influential individuals in several critical organizations. 

So, to ensure the utmost security, it is highly advised that Chrome users promptly update their vulnerable version of Chrome.

Taking immediate action to update your browser will help safeguard against potential attacks and protect against potential risks.

Over the upcoming days/weeks, the 114.0.5735.106 update for Mac and Linux and the 114.0.5735.110 update for Windows will be gradually rolled out to the Stable and extended stable channels.

Update Chrome

Here below we have mentioned the simple steps to update your Chrome browser:-

  • Firstly you have to open the Chrome browser on your computer.
  • Then you have to open the browser window’s Chrome settings menu in the upper right corner (Three vertically aligned dots).
  • Now you have to click on the settings menu to open the drop-down menu.
  • Then select the “Help” option.
  • Now, in the “Help” submenu, click on “About Google Chrome”.
  • That’s it, now if an update is available, Chrome will automatically start downloading and installing it.
  • Once the update is finished, relaunch Google Chrome to ensure the latest version is applied.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hackers Allegedly Selling Data Stolen from Cisco

A group of hackers reportedly sells sensitive data stolen from Cisco Systems, Inc.The...

Fortigate SSLVPN Vulnerability Exploited in the Wild

A critical vulnerability in Fortinet's FortiGate SSLVPN appliances, CVE-2024-23113, has been actively exploited in...

Splunk Enterprise Vulnerabilities let Attackers Execute Remote Code

Splunk has disclosed multiple vulnerabilities affecting its Enterprise product, which could allow attackers to...

OilRig Hackers Exploiting Microsoft Exchange Server To Steal Login Details

Earth Simnavaz, an Iranian state-sponsored cyber espionage group, has recently intensified its attacks on...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Hackers Allegedly Selling Data Stolen from Cisco

A group of hackers reportedly sells sensitive data stolen from Cisco Systems, Inc.The...

Fortigate SSLVPN Vulnerability Exploited in the Wild

A critical vulnerability in Fortinet's FortiGate SSLVPN appliances, CVE-2024-23113, has been actively exploited in...

Splunk Enterprise Vulnerabilities let Attackers Execute Remote Code

Splunk has disclosed multiple vulnerabilities affecting its Enterprise product, which could allow attackers to...