Critical Security Update for Google Chrome Users

Google has released a critical security update for some Chrome users on Mac, Linux, and Windows to address a zero-day vulnerability (CVE-2023-6345) that could expose systems to data theft and cyberattacks.

The vulnerability was discovered on November 24th by two security researchers working within Google’s Threat Analysis Group (TAG). The exploit takes advantage of an integer overflow weakness in Skia, the open-source 2D graphics library within the Chrome graphics engine.

This vulnerability allowed at least one attacker to potentially perform a sandbox escape via a malicious file. Sandbox escapes can lead to the deployment of malicious code and unauthorized access to personal data.

Google has not disclosed detailed information about the exploit, as is common in the industry to prevent potential abuse before users have a chance to update their software. Users are strongly advised to manually update their Chrome browser to the latest version (119.0.6045.199 for Mac and Linux, and 119.0.6045.199/.200 for Windows) to ensure their systems are protected.

While automatic updates may cover some users, manual updates are recommended to avoid leaving systems exposed. Google indicates that the fix will be rolling out over the coming days and weeks, so users should be proactive in updating their browsers.

Leave a Comment

Your email address will not be published. Required fields are marked *