Friday 27th December 2024

Google Releases Emergency Update For Chrome. Why?

Google urgently released an update to Chrome’s security in reaction to the first zero-day vulnerability exploited since the year’s beginning.

In a security advisory, Google stated that it knows that use for CVE-2023-2033 exists in the wild.

The complete user base will eventually receive the updated version, which is already rolling out to users in the Stable Desktop channel.

The CVE-2023-2033 vulnerability for Windows, Mac, and Linux systems has been fixed in the updated version of Chrome, so users should upgrade as soon as possible.

Users can check for updates by navigating to the Chrome menu and selecting Help > Google Chrome.

According to BleepingComputer, the Chrome V8 JavaScript engine has a high-severity type confusion flaw that is the cause of the high-severity zero-day vulnerability (CVE-2023-2033).

The Threat Analysis Group (TAG), whose major objective is to protect Google users from state-sponsored attacks, was responsible for finding the vulnerability. Clement Lecigne was one of the group’s members who identified the vulnerability.

Google said, “Access to bug details and links may be restricted until a majority of users are updated with a fix.”

 

Why it’s important to address zero-day vulnerabilities

A software vulnerability in a system known as “zero-day vulnerability” has been identified and revealed but has not yet been fixed by a patch or update.

Zero-day vulnerabilities do not have patches since the owners of systems that are vulnerable are unaware of the risk, which increases the likelihood that an attack would be successful, according to Kaspersky, a cyber security company.

These vulnerabilities can lead to zero-day exploits, which hackers misuse to attack systems that have been compromised by previously unknown vulnerabilities, and zero-day attacks, which involve using a zero-day exploit to steal data or harm.

What’s worrying is that, in most circumstances, it can take several months before to find a new vulnerability in the system after an attack, and only then can the developer begin to work on a patch to repair them.

Share On

Copyright © 2023 Trends In News - All Right Reserved