(1 votes, average: 5.00 out of 5)
Loading...Chrome Zero-Day Exploit – Update Required to Fix the Bug
(1 votes, average: 5.00 out of 5)Loading...
Google Chrome was recently hit by the very first zero-day attack of 2023
Google has brought an immediate update to mitigate the Chrome Zero Day Exploit.
Chrome is presently used by more than three billion people globally. To address an extensively exploited zero-day vulnerability, google issued an important update to its Chrome browser. Users should upgrade to version 112.0.5615.121 for Windows, macOS, and Linux.
The issue with Type Confusion in the V8 JavaScript Engine.
The CVE-2023-2033 high-severity vulnerability is confusing in the V8 JavaScript engine. On April 11, 2023, Clement Lecigne of Google’s Threat Analysis Group reported it. The google chrome exploit permits a remote attacker to possibly exploit heap corruption through a crafted HTML page, according to the National Vulnerability Database (NVD).
Google stated, “aware of reports that a CVE-2022-3075 exploit exists in the wild.”
The security patch of Chrome Zero-Day 2023 will be sent out to users in the following days and weeks. Users are encouraged to install the update when Chrome prompts them.
Similarities to Other V8 Zero-Day Flaws
CVE-2023-2033 is a high-severity vulnerability described as a “Confusion weakness in the Chrome V8 JavaScript engine.” Nevertheless, Google has provided a few additional details concerning the malicious activity at this time, including how the CVE-2023-2033 vulnerability was leveraged in real-time attacks. The term “zero-day” refers to the fact that the vulnerability remains in the wild, despite Google’s patch.
A similar zero-day vulnerability known as CVE-2022-1096 impacted Chrome’s V8 JavaScript engine on Mac devices in March 2022.
CVE-2022-30190, Follina, a serious zero-day vulnerability that affected Windows programs in June 2022, was attributed to a Chinese TA413 hacking organization and was intended against the Tibetan diaspora and US and EU government organizations.
Last year, Google closed out nine zero days in Chrome. The news comes just days after Citizen Lab and Microsoft reported that clients of a secretive spyware vendor called QuaDream used a now-patched hole in Apple iOS to target political opposition leaders, journalists, and an NGO worker in 2021.
Users are strongly advised to upgrade immediately
The Singapore Computer Emergency Response Team (SingCERT) suggests that customers “install the latest security updates immediately” and that “it also encouraged users to activate the automatic update function in Chrome to ensure that their software gets updated promptly.”
To minimize possible risks, users are advised to upgrade to version 112.0.5615.121 for Windows, macOS, and Linux.
Timely application of security patches is crucial for protecting systems and networks from cyber threats. Users of browsers like Chromium, Microsoft Edge, Brave, and Opera should install available updates promptly to help defend against vulnerabilities.
Implementing updates for any software, systems, or applications as soon as possible is one of the best practices individuals and businesses can follow to safeguard themselves from cyber risks.
This serves as a warning to all internet users to remain cautious and maintain their software up to date to prevent becoming prey to cyber criminals.
Recently Google Announced to Delete the Accounts Inactive for 2 Years
