Geeks for your information News Browsers News & Tips v
Google Chrome update fixes 0-day vulnerability exploited in the wild
Google Chrome update fixes 0-day vulnerability exploited in the wild
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 14,816
Threads: 9,684
Thanks Received: 9,105 in 7,257 posts
Thanks Given: 9,913
Joined: 12 September 18
#1
Information  21 December 23, 09:48
Quote:Google has released a security update for Google Chrome Stable and Google Chrome Extended Stable that addresses a security vulnerability that is exploited in the wild.

Chrome users are encouraged to update Google Chrome to the latest version immediately to protect it from potential attacks.

The fastest way to do that is to load chrome://settings/help in the Chrome address bar. Google Chrome lists the current version and runs a check for updates. It should pick up the security update and start to download it. A restart is required to complete the process.

Chrome's Help page should now display one of the following versions (depending on operating system and channel):
  • Chrome for Linux or Mac: 120.0.6099.129
  • Chrome for Windows: 120.0.6099.129 or 120.0.6099.130
  • Chrome Extended for Mac: 120.0.6099.129
  • Chrome Extended for Windows: 120.0.6099.130
Automatic updates may take longer. Google notes that these may take days or sometimes even weeks before they land on all devices with Chrome Stable or Extended installed.

About the vulnerability

[Image: google-chrome-120-0-day-security-issue.png]

Google announced the update on the official releases blog. There, the company reveals that the security issue is a heap buffer overflow bug in WebRTC. It assigned a high security rating to the vulnerability and confirmed that it is aware of attacks in the wild: "Google is aware that an exploit for CVE-2023-7024 exists in the wild".

The issue was discovered by members of Google's Threat Analysis Group TAG.

Additional information about security issues, especially those with exploits in the wild, is not provided by Google until the majority of Chrome installations have upgraded to  a newer version that contains a fix.

The 0-day vulnerability is the eighths of the year in Chrome and Chromium-based browsers.

All Chromium-based web browsers are affected by the issue as well. Expect updates for browsers such as Microsoft Edge, Brave, Vivaldi or Opera in the coming days as well because of that.

Google launched Chrome 120 on December 6 to the public. The browser fixed several security issues as well and introduced new features, such as password sharing between family account members.
...
Continue Reading
Find
Reply


Messages In This Thread
Google Chrome update fixes 0-day vulnerability exploited in the wild - by harlan4096 - 21 December 23, 09:48

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
GFYI [Official] Revo Registry Cleaner P...
OPTION 2 Share feed...zevish — 06:51
NVIDIA’s new DLSS Transformer model requ...
NVIDIA DLSS 310.3....harlan4096 — 10:09
INTEL Arc Graphics 32.0.101.6913 driver
Highlights  Int...harlan4096 — 10:07
AppCheck Anti-Ransomware 3.1.42.3
Version 3.1.42.3 (...harlan4096 — 10:06
AdGuard Browser Extension 5.1.113 (MV3 s...
AdGuard Browser Ex...harlan4096 — 10:03

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>