Google has recently released a critical security update to address a zero-day vulnerability in its popular Chrome browser. This vulnerability, known as CVE-2023-6345, has been actively exploited by attackers and could potentially allow them to remotely execute code on affected devices.
The vulnerability is rooted in an integer overflow issue in Skia, an open-source 2D graphics library used by Chrome. This means that attackers can create malicious websites or content that can deceive the browser into processing data in a way that leads to crashes or the execution of arbitrary code.
The discovery and reporting of this flaw can be credited to Benoît Sevens and Clément Lecigne of Google’s Threat Analysis Group (TAG) on November 24, 2023. Google has acknowledged that an exploit for CVE-2023-6345 is already being used by attackers in the wild, highlighting the urgency of promptly applying the latest security updates to safeguard your devices.
Aside from addressing the zero-day vulnerability, Google has also fixed six other security issues with the latest Chrome update. These vulnerabilities include:
- CVE-2023-6348: Type Confusion in Spellcheck
- CVE-2023-6347: Use after free in Mojo
- CVE-2023-6346: Use after free in WebAudio
- CVE-2023-6350: Out-of-bounds memory access in libavif
- CVE-2023-6351: Use after free in libavif
To protect your computer from this zero-day vulnerability, it is crucial to update your Chrome browser to the latest version. For Mac and Linux, the latest version is 119.0.6045.199, while for Windows, it is 119.0.6045.199/.200. Follow these steps to update Chrome:
- Open Chrome and click on the three dots in the top right corner.
- Select “Settings” from the drop-down menu.
- Scroll down to the bottom of the page and click on “About Chrome.”
- Chrome will automatically check for updates.
- If an update is available, it will be downloaded and installed.
- After the update is installed, restart Chrome to ensure it is running the latest patched version.
By promptly updating your Chrome browser, you can protect your devices from potential attacks and ensure a safer browsing experience. Stay vigilant and prioritize security by regularly checking for and applying the latest updates.