- 25 November 2017
- 823
- 431
Google Zero day targeting Chrome based crypto wallets
Google recently announced that a zero-day vulnerability in its Chrome web browser is being exploited. In response to this, Google has released an emergency security update. While Chrome security updates are not rare, it is unusual for an update to address a single actively exploited 0Day vulnerability. This makes it essential for users to take the update seriously and ensure their browser is protected.
On June 5th, Google announced on the Chrome releases blog that the desktop version of Chrome has been updated to version 114.0.5735.106 for Mac and Linux and 114.0.5735.110 for Windows. These updates will be rolled out over the coming days and weeks. The announcement mentions two security fixes included in this update, but only one is detailed: CVE-2023-3079.
CVE-2023-3079 is a vulnerability in the V8 JavaScript engine that causes type confusion. It was discovered by Google’s Threat Analysis Group. While this is all the technical information that Google has released at this time to allow for the update to be rolled out to as many users as possible, one critical detail has been published: “ Google is aware that an exploit for CVE-2023-3079 exists in the wild.” This means that users should not wait but check if their browser has been updated.
Read: https://www.forbes.com/sites/daveyw...hrome-security-update-0day-exploit-confirmed/
Quelle: zoneedit.com - E-Mail Newsletter
Google recently announced that a zero-day vulnerability in its Chrome web browser is being exploited. In response to this, Google has released an emergency security update. While Chrome security updates are not rare, it is unusual for an update to address a single actively exploited 0Day vulnerability. This makes it essential for users to take the update seriously and ensure their browser is protected.
On June 5th, Google announced on the Chrome releases blog that the desktop version of Chrome has been updated to version 114.0.5735.106 for Mac and Linux and 114.0.5735.110 for Windows. These updates will be rolled out over the coming days and weeks. The announcement mentions two security fixes included in this update, but only one is detailed: CVE-2023-3079.
CVE-2023-3079 is a vulnerability in the V8 JavaScript engine that causes type confusion. It was discovered by Google’s Threat Analysis Group. While this is all the technical information that Google has released at this time to allow for the update to be rolled out to as many users as possible, one critical detail has been published: “ Google is aware that an exploit for CVE-2023-3079 exists in the wild.” This means that users should not wait but check if their browser has been updated.
Read: https://www.forbes.com/sites/daveyw...hrome-security-update-0day-exploit-confirmed/
Quelle: zoneedit.com - E-Mail Newsletter