Zero-day alert: Google issues patch for new Chrome vulnerability

Google has issued a security update for the Chrome web browser to address the third zero-day vulnerability exploited by hackers this year.

Google passkeys

Photo: Reuters

IANS San Francisco

Listen to This Article

Google has issued a security update for the Chrome web browser to address the third zero-day vulnerability exploited by hackers this year.
"Google is aware that an exploit for CVE-2023-3079 exists in the wild," Google said in a blogpost.
The company has not released details about the exploit and how it was used in attacks, instead focusing on the severity and type of flaw.
"Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven't yet fixed," the company said.
According to BleepingComputer, CVE-2023-3079 is a high-severity vulnerability discovered on June 1, 2023, by Google researcher Clement Lecigne. It is a type confusion in V8, Chrome's JavaScript engine tasked with executing code within the browser.
Type confusion bugs occur when an object's type is misinterpreted by the engine during runtime, potentially leading to malicious memory manipulation and arbitrary code execution.

Also Read

Users may soon see how much memory each tab using on Google Chrome

Google Chrome updates to undergo another layer of testing before release

Google removes malicious Chrome extensions with 75 mn installs from store

Google Chrome may remove screenshot editing tool from desktop browser

Google rolls out memory, energy saver modes for Chrome on Mac, Windows

NDTV announces salary hikes across verticals "higher than industry average"

Microsoft launches voice chat feature to AI-powered Bing Chat on desktop

TVS Credit Services raises equity capital of Rs 480 cr from Premji Invest

AI rectifies glitch in Boeing plane stranded in Magadan; aircraft departs

IndiGo offers services to US via codeshare flights with Turkish Airlines

The first zero-day vulnerability that Google patched in Chrome this year was CVE-2023-2033, which is also a type confusion bug in the V8 JavaScript engine.
In March, Google security teams discovered 18 zero-day vulnerabilities in Samsung Exynos chips used in several top Android smartphones and wearables that may put those devices at risk.
Google's Project Zero head Tim Willis said in a blog post that the four most severe of these vulnerabilities "allowed for Internet-to-baseband remote code execution."

(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

First Published: Jun 10 2023 | 6:30 PM IST

Explore News