Google has released a security update to patch a critical vulnerability in its Google Chrome browser. The new vulnerability, tracked as CVE-2023-3079, was reported by Google Threat Analysis Group (TAG) on June 1, 2023.
According to NIST's National Vulnerability Database (NVD), a bug in the V8 JavaScript engine in Google Chrome prior to version 114.0.5735.110 allows an attacker to exploit memory corruption via a crafted HTML page. Memory corruption occurs when the contents of a memory location are modified beyond the programmer's intent or the program/language construct, resulting in a memory safety violation.
Google Chrome browser users need to update to the new version immediately to patch security flaws
As usual, Google did not disclose details about the nature of the attacks, but the report said that an exploit for CVE-2023-3079 was in play, which is also a zero-day bug that Google addressed in its Chrome browser in early 2023. The two previous bugs were CVE-2023-2033 (CVSS score: 8.8) and CVE-2023-2136 (CVSS score: 9.6).
Chrome browser users should immediately upgrade to version 114.0.5735.110 (Windows) and 114.0.5735.106 (macOS and Linux) to mitigate potential threats.
Source link
Comment (0)