The Mountain View giant had to release an emergency security update for its web browser. Google Chrome is affected by an actively exploited zero-day vulnerability.
Google Chrome is hit by a zero-day bug again. The Mountain View company has just released a security update for its web browser. This fixes a vulnerability that poses a high risk to user security, the third of its kind since the beginning of the year.
A security breach actively exploited by hackers
This new vulnerability, listed under the reference CVE-2023-3079, was discovered on June 1st by Clément Lecigne, a Google security engineer. The error in question would be a type confusion in the V8 JavaScript engine, whose purpose is to execute code in the browser. Specifically, this type of vulnerability allows hackers to manipulate the memory of a JavaScript program and trick it into executing malicious code. The possible consequences of such an attack include that hackers can compromise user data or take remote control of the compromised computer or even run malware without the user’s knowledge.
According to the release notes published by Google on the Chrome updates blog, this breach would be actively exploited by hackers. As always when a breach of this magnitude is discovered, Google does not release details of how the exploit was used by hackers to launch attacks. A common practice aimed at protecting users as much as possible. By giving them enough time to update their browsers, Google reduces the risk that would-be hackers will rely on technical information they didn’t have access to to design new types of attacks.
Back in April, Google urgently needed to release an initial update to fix Chrome’s first zero-day bug of the year. Days later, the Mountain View company was forced to return the cover and release a security patch for Chrome after discovering Chrome’s second zero-day bug since earlier this year.
Update Google Chrome without delay
Although Chrome updates generally automatically check for and apply updates every time you restart your browser, it’s probably best to check that you’re using the latest version of Chrome on your computer. To do this on Windows, macOS, and Linux, click the Chrome main menu and then click the menu Helpclick on
© 01net.com
.
The browser then automatically searches for the availability of a possible update. In the event that a new version of the browser is available on Google’s servers, Chrome will automatically download and install it. All you have to do is click on the button. Start anew To restart the browser to finish applying the update.
The security update for Google Chrome has a version number 114.0.5735.106 on Mac and 114.0.5735.110 on Windows and Linux.
Source: Bleeping Computer