A serious security vulnerability in Chrome has just been patched

Please update your Google Chrome browser to the latest version to avoid potential dangers.

According to MacRumors, Google has released a security update for Chrome on macOS, Windows, and Linux to address an exploited zero-day vulnerability. The update acknowledges the existence of the CVE-2023-6345 vulnerability.

Google’s Threat Analysis Group (TAG) recently discovered a new vulnerability in Chrome’s graphics engine, specifically in the Skia open-source 2D graphics library. While the details of the vulnerability are currently being kept under wraps to prevent malicious actors from exploiting it, Google has confirmed that it is actively working on a patch to address the issue. The vulnerability, identified as CVE-2023-6345, is believed to be related to the Skia library and is being closely monitored by Google’s security teams.

According to the latest update notes for macOS (version 119.0.6045.199), a vulnerability has been discovered that could allow one or more attackers to bypass the sandboxing mechanism and execute arbitrary code on the affected system. This vulnerability is believed to be related to the Skia open-source 2D graphics library, which is used by Chrome to render web content. If exploited, the attacker could potentially gain access to sensitive data or execute malicious code with elevated privileges.

By default, the Chrome browser updates automatically when a new version is available. However, it is still recommended that users perform a manual update as soon as possible to minimize the risk of zero-day exploits. To do this, go to the Chrome settings by clicking on the three dots in the upper right corner of the browser window. Then, select the “About Chrome” tab and click on the “Update Google Chrome” button. If there is no option to update, it means you have already upgraded to the latest version.

This year, Google has addressed six zero-day vulnerabilities, including two that were previously exploited and patched in September (CVE-2023-5217 and CVE-2023-4863).

Related posts

Google launches Gemini 2.0 – comprehensive AI that can replace humans

NVIDIA RTX 5090 can be 70% more powerful than RTX 4090?

iOS 18.2 launched with a series of groundbreaking AI features