You should probably update your Google Chrome browser this weekend





June Wan/ZDNET

If you’re one of the millions of Chrome users around the world, it’s time for another update. That’s right, a sixth zero-day exploit was discovered in Chrome, and luckily the update was released shortly after.

If you’re not sure what a zero-day vulnerability is, it’s simply a vulnerability that has been discovered but not yet patched.

Also: Android’s September security update fixes actively exploited zero-day vulnerabilities and more.

The vulnerability in question is CVE-2023-6345, and an exploit for it exists in the wild. According to Tenable, the official description of this vulnerability is as follows: “An integer overflow in Skia in Google Chrome before 119.0.6045.199 allowed a remote attacker who had compromised the rendering process to potentially perform a sandbox escape via a malicious file. (Chromium Security Severity: High).”

The Chrome Stable channel has been updated to 119.0.6045 for Linux and Mac and 119.0.6045.199/.200 for Windows. Although the update has not been rolled out to all users, Google has confirmed that it will happen in the coming days/weeks.

This update includes seven different security fixes (including for the zero-day exploit), namely:

  • CVE-2023-6348: Type confusion in spell checking.
  • CVE-2023-6347: Use after free in Mojo.
  • CVE-2023-6346: Use after free in WebAudio.
  • CVE-2023-6350: Out of bounds memory access in libavif.
  • CVE-2023-6351: Use after free in libavif.
  • CVE-2023-6345: Integer overflow in Skia.

The last vulnerability listed above is the zero-day. Interestingly, it is rated High and not Critical. Even so, any bug rated High should be considered a much-needed fix. Aside from saying that an exploit for this vulnerability exists in the wild, Google has been a bit quiet about it. You can read Google’s official statement on the issue.

Also: Hands-on with Google’s new Titan security keys – and why they still have their place

To find out which version of Chrome you’re using, go to Settings > About Chrome, where you’ll see the version number. If an update is available, be sure to click Relaunch for the updates to be applied. If you find that your version is outdated, you can always go to the Chrome download page, download the latest version and install it.
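For more than a handful of machines, the same version check can be scripted. The following is an added example, not code from Google or from the original article: it compares collected version strings against 119.0.6045.199, the first fixed build named in the CVE description above. The hostnames, the inventory and the function names are constructed for illustration.

```python
import re

# First fixed build, taken from the CVE-2023-6345 description quoted above.
FIXED = (119, 0, 6045, 199)

# Matches a four-part Chrome version anywhere in a string such as
# "Google Chrome 119.0.6045.159" (the format `google-chrome --version` prints).
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Return the version as a tuple of ints, or None if none is found."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None


def triage(inventory):
    """Map each host to 'patched', 'vulnerable' or 'unknown'."""
    result = {}
    for host, raw in inventory.items():
        version = parse_version(raw)
        if version is None:
            # No readable version: treat as needing a manual check.
            result[host] = "unknown"
        elif version < FIXED:
            # Tuples compare numerically, part by part. Comparing the raw
            # strings would rank "119.0.6045.99" above "119.0.6045.199".
            result[host] = "vulnerable"
        else:
            result[host] = "patched"
    return result


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {
    "laptop-01": "Google Chrome 119.0.6045.159",
    "laptop-02": "Google Chrome 119.0.6045.199",
    "laptop-03": "119.0.6045.200",
    "laptop-04": "Google Chrome 119.0.6045.99",
    "laptop-05": "Google Chrome 120.0.6099.62",
    "kiosk-01": "chrome: command not found",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```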
