Connect with us

Hi, what are you looking for?

News

Google Issues Urgent Chrome Update to Fix Actively Exploited Vulnerability

Google released an emergency update to resolve an actively exploited flaw in its highly popular Chrome browser.

The bug, tracked as CVE-2023-2033, was deemed a “high” severity vulnerability by Google in an update posted on April 14. “Google is aware that an exploit for CVE-2023-2033 exists in the wild,” the search giant wrote in its advisory, meaning the bug is being actively targeted by malign actors.

The new Chrome version is rolling out to users who are using the Windows, Mac, and Linux stable versions of the browser. The entire Chrome suite will likely get those updates in the coming days to weeks.

According to the federal National Vulnerability Database, the exploit stems from a “type confusion in V8 in Google Chrome” that allows “a remote attacker to potentially exploit heap corruption via a crafted HTML page.” No further details were released about the bug by Google.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” Google said.

This update was available when The Epoch Times attempted to check for new updates via the Chrome menu > Help > About Google Chrome. The browser will also automatically check for the latest updates and install them without requiring user input following a restart of the browser, but many users may leave their browsers open for extended periods of time without closing or updating.

Users are advised to upgrade to version 112.0.5615.121 for Windows, Mac, and Linux to prevent any possible attacks. Those who use Chromium-based browsers such as Brave, Tusk, Opera, Vivaldi, Microsoft Edge, and various “unGoogled” Chromium versions are advised to apply the updates upon availability.

Data from Statista shows that Google Chrome is estimated to be used by more than 3 billion people worldwide, making it the most popular browser by far. No. 2 on the list is Apple’s Safari, with about 576 million.

Forbes magazine noted that the April 14 patch is the first “zero day” bug to be addressed by Google Chrome so far in 2023. “Google has done an incredible job patching Chrome vulnerabilities this year, and it is remarkable that we got to April before the first Zero-Day exploit occurred. To put this in perspective, Chrome had 15 Zero Day exploits in 2021 and nine in 2022, so the progress is clear,” a technology writer for the magazine noted.

Separately, the Department of Homeland Security’s (DHS) cybersecurity agency recently advised users and administrators to update their Apple, Microsoft, and Adobe devices and products after a handful of security vulnerabilities were found.

“Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device,” said the Cybersecurity Infrastructure & Security Agency in a statement on April 11.

This week, Apple rolled out its security update to older Apple iPhones, iPads, Mac desktop computers, and Macbooks after it released iOS and iPadOS 16.4.1 and macOS Ventura 13.3.1 to fix two actively exploited security flaws. That update was extended to older devices, including those that use iOS and iPadOS 15.7.5, macOS Monterey 12.6.5, and macOS Big Sur 11.7.6 to patch the same security bugs.

READ 3 COMMENTS
  • John says:

    Make sure like the Communist corrupted government you take your time doing it so billions of people could be hacked and we’ll have a new fake hysteria agenda because they’re running out of fake disasters besides the toxic burning rail disasters and food processing plants magically burning to the ground

    • Darrell says:

      YEAH >>> Magically !! Next will be the substations on the grid !! It only takes 9 to be knocked down to put all of America in the dark !! Pretty hard to beleive right ?? My cousin works in this field on building, restoring power. He has been all over the US putting crews together to go work where ever work is needed. He has worked many winter storms as well as hurricanes restoreing power.HE tells me we do not have any transformers stored anywhere in case of an emergency & they ALL come from CHINA !! Not made here anymore just like TV sets !! Everything has been turned over to that country even where are pills come from i have been told!! I say we are in deep trouble !!

  • Googlesucks says:

    Fuck google, Fox News, and Lindsey Graham. For searches I use duckduckgo.com and for news I watch Real America’s Voice. For laughter I still watch the drunken liar Lindsey G !

  • TOP STORIES

    News

    Former President Donald Trump and New York Attorney General Letitia James reached an agreement on April 22 regarding his $175 million bond in his...

    News

    With jury selection having been wrapped up last week, the first criminal trial of a former president of the United States got underway Monday...

    News

    On Thursday, Biden’s Equal Employment Opportunity Commission (EEOC) revealed they had filed a lawsuit against the Sheetz convenience store and gas station chain alleging...

    News

    A wealthy young woman who avoided prison time for a deadly 2020 crash that killed a Vermont couple was among 114 anti-Israel agitators arrested...

    >