Sunday, December 10, 2023

Google Chrome Zero-Day Vulnerability Exploited Widely – Urgent Update

Google has recently taken prompt security measures by releasing a security update for its Chrome web browser, aiming to fix the third zero-day vulnerability of this year that hackers have exploited.

The third Chrome zero-day vulnerability that was fixed recently by Google has been tracked as “CVE-2023-3079.”

Exploitation of Zero-day

Detailed information regarding the exploit and its application in attacks has not been disclosed by the company, with the focus limited to highlighting the severity of the flaw and its classification.

In the event of discovering a new security flaw, Google always follows its traditional protocol of not disclosing any technical information or data related to the flaw.

This action aims to ensure users’ protection until a significant portion of them have successfully migrated to the secure version. 

Not only that even this approach also restricts malicious actors from exploiting the disclosed information to create additional exploits.

Google’s researcher, Clément Lecigne, uncovered CVE-2023-3079 on June 1, 2023, marking it as a high-severity vulnerability.

This flaw resides in V8, Chrome’s JavaScript engine that is responsible for the interpretation and execution of code in the browser.

Type confusion bugs occur when the engine incorrectly identifies the object’s type at runtime, which can result in dangerous manipulation of memory and the execution of arbitrary code. 

These bugs pose a serious threat as they can enable malicious activities and compromise system security by exploiting the engine’s misinterpretation of object types.

Chrome Stable Channel Update

Sophisticated state-sponsored threat actors frequently exploit zero-day vulnerabilities, specifically targeting influential individuals in several critical organizations. 

So, to ensure the utmost security, it is highly advised that Chrome users promptly update their vulnerable version of Chrome.

Taking immediate action to update your browser will help safeguard against potential attacks and protect against potential risks.

Over the upcoming days/weeks, the 114.0.5735.106 update for Mac and Linux and the 114.0.5735.110 update for Windows will be gradually rolled out to the Stable and extended stable channels.

Update Chrome

Here below we have mentioned the simple steps to update your Chrome browser:-

  • Firstly you have to open the Chrome browser on your computer.
  • Then you have to open the browser window’s Chrome settings menu in the upper right corner (Three vertically aligned dots).
  • Now you have to click on the settings menu to open the drop-down menu.
  • Then select the “Help” option.
  • Now, in the “Help” submenu, click on “About Google Chrome”.
  • That’s it, now if an update is available, Chrome will automatically start downloading and installing it.
  • Once the update is finished, relaunch Google Chrome to ensure the latest version is applied.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus


Latest articles

WordPress POP Chain Flaw Exposes Over 800M+ Websites to Attack

A critical remote code execution vulnerability has been patched as part of the Wordpress...

Russian Star Blizzard New Evasion Techniques to Hijack Email Accounts

Hackers target email accounts because they contain valuable personal and financial information. Successful email...

Exploitation Methods Used by PlugX Malware Revealed by Splunk Research

PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid...

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities

Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative...

Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices

An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been...

Atlassian Patches RCE Flaw that Affected Multiple Products

Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in...

Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System

Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new...

Endpoint Strategies for 2024 and beyond

Converge and Defend

What's the pulse of Unified Endpoint Management and Security (UEMS) in Europe? Join us live to uncover the strategies that are defining endpoint security in the region.

Related Articles