



Google has released an updated version of Chrome to address the exploited zero-day vulnerability.

In a recent security advisory, Google said it patched a high-severity zero-day security flaw in its Chrome browser. This will be the first in 2023 and is currently being exploited by attackers in the wild. The company strongly recommends all Windows, Mac and Linux users to update to version 112.0.5615.121 immediately. Browser updates can be done manually or automatically.

If you’re using other Chromium-based browsers, you may need to update them as well.

This vulnerability is tracked as CVE-2023-2033 and can be exploited when a user visits a malicious webpage using an unpatched Chrome browser. This page may execute arbitrary code in your browser, which may hijack your computing device. Google is aware that exploit code for this flaw already exists and is in the wild.

CVE-2023-2033 is a type confusion bug in V8, Google’s open source JavaScript and WebAssembly engine. As with the zero-day patch announcement, the company provided little to no details on how attackers could exploit the vulnerability. However, attacks against V8, though rare, are considered one of the most dangerous. Exploiting weaknesses in V8 usually crashes the browser.

“Access to bug details and links may remain restricted until the fix is ​​available to the majority of users,” Google said in its advisory. “We also hold the limit if there are bugs in third-party libraries that other projects depend on as well, but have not yet been fixed.”

Google is giving all Chrome users plenty of time to update to the latest version pending technical details.

How to manually update Chrome

Google Chrome usually updates automatically. However, it’s worth double-checking. To check if your browser is up to date:

Click the three vertical dots in the upper right corner of the URL bar.[ヘルプ]>[Google Chrome について]Choose.

Just do this and Chrome will update. Once done, the browser will ask for a restart. Click the button to confirm and complete the update process.

Google will never allow users to manually download and install another file to update Chrome. Scammers and threat actors have used this tactic many times in the past, and it has worked for some time. It is sometimes employed in malicious campaigns to catch .

Take care!

