Google has released urgent upgrades to fix the Chrome zero-day high-severity vulnerability that has been widely exploited, which could lead to software crashes or arbitrary code execution.
To address the actively exploited zero-day vulnerability, the stable channel will be updated to 120.0.6099.129 for Mac and Linux and 120.0.6099.129/130 for Windows.
Over the coming days and weeks, the update will be implemented.
The CVE-2023-7024 vulnerability has been defined as a heap-based buffer overflow flaw in the WebRTC framework that might be exploited to cause software crashes or arbitrary code execution.
The issue was found and reported by Clément Lecigne and Vlad Stolyarov from Google's Threat Analysis Group.
Google withheld information regarding the attacks that took use of the vulnerability in the wild.
With the release of this update, Chrome's eighth actively exploited zero-day since the year's beginning has been patched.
CVE-2023-2033 - Type Confusion in V8. CVE-2023-2136 - Integer overflow in the Skia graphics library.
CVE-2023-3079 - Type Confusion in V8. CVE-2023-4863 - Heap buffer overflow in WebP. CVE-2023-5217 - Heap buffer overflow in vp8 encoding in libvpx.
CVE-2023-6345 - Integer overflow in Skia graphics library.
CVE-2023-4762 - Type Confusion in V8. Google strongly recommends users update their Chrome web browser immediately to prevent exploitation.
To update the Chrome web browser, you have to follow a few simple steps that we have mentioned below:-.
This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 21 Dec 2023 10:05:50 +0000