Active Exploitation of Zero-Day Vulnerability in Google Chrome

Published on 07 Jun 2023

Google has released security updates to address a zero-day vulnerability (CVE-2023-3079) in Chrome web browser on Windows, Mac and Linux systems. The vulnerability is reportedly being actively exploited.

The vulnerability exists due to a type confusion bug in the Chrome V8 JavaScript engine. Successful exploitation of the vulnerability could allow a remote attacker to crash the browser or execute arbitrary code.

Users of Chrome browsers on Windows, Mac and Linux systems are advised to upgrade their software to version 114.0.5735.110 for Windows and 114.0.5735.106 for Mac and Linux as soon as possible.

Users are also encouraged to enable automatic updates in their Chrome browsers to ensure that their software is updated promptly.

More information is available here:
https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html
https://nvd.nist.gov/vuln/detail/CVE-2023-3079
https://www.bleepingcomputer.com/news/security/google-fixes-new-chrome-zero-day-flaw-with-exploit-in-the-wild/
Tags
Alerts Alerts & Advisories
Share