Security Bulletin: Google Chrome Zero-Day Impacting 3 Billion Users
Update as of 4/18/2023: Google has released another emergency fix in response to a second zero-day. The vulnerability known as CVE-2023-2136 is a high-severity integer overflow flaw. This is fixed by updating to Chrome Version 112.0.5615.137. This vulnerability is currently being exploited by cybercriminals.
This vulnerability is currently being exploited by cybercriminals.
Google has recently released an emergency security update for Chrome to address a zero-day vulnerability that has been observed in the wild since the start of the year. This vulnerability, CVE-2023-2033, is a high-severity type confusion weakness in the Chrome V8 JavaScript engine. A high-severity type confusion weakness can lead to out-of-bounds memory access, which can lead to programs crashing or the leaking of sensitive data. Additionally, threat actors can also exploit this vulnerability for arbitrary code execution on compromised devices.
Google has advised users to upgrade to version 112.0.5615.121 as soon as possible, which addresses the CVE-2023-2033 vulnerability on Windows, Mac, and Linux systems. The new version of Chrome is available now.
Chrome users can check for new updates from the Chrome menu > About Google Chrome or wait for automatic updates to be installed after a restart.
it is vital that all Chrome users upgrade to the latest version of Chrome to protect against any potential exploit of this zero-day vulnerability.
This vulnerability is currently being exploited by cybercriminals. The full nature of the attacks leveraging this vulnerability has not yet been disclosed, but it is vital that all Chrome users upgrade to the latest version of Chrome to protect against any potential exploit of this zero-day vulnerability.
Elpha Secure’s unique combination of cyber insurance, endpoint software, and 24/7 Security Operations Center (“SOC”) provides a holistic approach to your organization’s security. We leverage traditional risk transfer, technology, and human intelligence to alert you of the latest vulnerabilities and assist you with mitigation. Stop by our website to learn more about how we can help you through a cyber incident.
Disclaimer
Elpha Secure hopes you found the general information provided in this article informative and helpful. The information contained herein is not intended to constitute legal or other professional advice and should not be relied upon in place of consultation with your own legal and security advisors. If you like to learn more about Elpha Secure, click here.