Google Patched High-Severity Zero-Day Flaw With Latest Chrome Release

Google has recently rolled out the latest Chrome release with a zero-day fix. This Chrome update marks the first patch for a zero-day flaw under attack, about which, Google hasn’t shared much details. Users should ensure to update their respective devices with the latest browser release to avoid any exploits.

Google Chrome Zero-Day Flaw

According to a recent advisory, Google has patched a severe security flaw in the Chrome browser.

Since Google confirmed the vulnerability as a zero-day under attack, the tech giant hasn’t shared many details about the Chrome issue. That’s what Google always does whenever disclosing a zero-day to ensure no potential exploits following a PoC.

Nonetheless, it confirmed the vulnerability as a type confusion flaw in the V8 engine. The high-severity bug, identified as CVE-2023-2033, first caught the attention of Clément Lecigne of Google’s Threat Analysis Group. The tech giant patched the vulnerability following the bug report.

Alongside this vulnerability, Google has also patched another security flaw in the browser that remained unexploited.

Google has released all security fixes with the latest Chrome update 112.0.5615.121 for Windows Mac and Linux.

However, the vulnerability doesn’t seem confined to the desktop browser only, since Google confirmed fixing similar vulnerabilities in Chrome for Android as well.

As stated in a separate advisory, the Chrome for Android version 112 (112.0.5615.100/.101) includes the same security fixes as the corresponding desktop release.

Hence now, all Google Chrome users need to update their respective desktop systems and Android phones to receive the patches. Nonetheless, Google has assured automatic roll-out of the latest release to all users.

With this vulnerability fix, Google has marked the first zero-day fix for the Chrome browser in 2023. That’s unlike the previous years when the firm had to tackle a bunch of zero-days right from the beginning of the year. That includes numerous type confusion vulnerabilities in the V8 component, amongst other bug fixes.

Let us know your thoughts in the comments.

Related posts

Apple Addressed Two Zero-Day Flaws In Intel-based Macs

Really Simple Security Plugin Flaw Risks 4+ Million WordPress Websites

Glove Stealer Emerges A New Malware Threat For Browsers