Zero Day Exploit in Chromium Browsers
Posted: 18 Apr 2023 12:29
Update your Chromium based browsers - Brave, Chrome, Edge etc..
Generally speaking your browser should update automatically but if you have secondary browsers you don't use as often, launch them and go to Settings > About or Settings > Help > About to make sure you're on 112.0.5615.121 or later.
Currently Brave & Chrome have released patches. Edge & Opera are not patched at time of publishing
.
Generally speaking your browser should update automatically but if you have secondary browsers you don't use as often, launch them and go to Settings > About or Settings > Help > About to make sure you're on 112.0.5615.121 or later.
Currently Brave & Chrome have released patches. Edge & Opera are not patched at time of publishing
.Source: https://thehackernews.com/2023/04/googl ... te-to.htmlThe Hacker News wrote:Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year.
Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on April 11, 2023.
"Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page," according to the NIST's National Vulnerability Database (NVD).