December 9, 2023

Google has released an emergency patch to address on the first Chrome zero-day vulnerability tracked as CVE-2023-2033

The vulnerability is a Type Confusion issue that resides in the JavaScript engine V8. The vulnerability was reported by researchers from Google’s TAG.

Google is rolling out the new version in the Stable Desktop channel. This means that it will be available to the entire user base over the coming days or weeks and its aware of attacks in the wild, exploiting the issue.

Advertisements

Google did not disclose details of the attacks exploiting this vulnerability, it will not provide bug details and links until a majority of users will have updated their installs.

Access to bug details and links may be kept restricted until a majority of users are updated with a fix. It also retain restrictions if the bug exists in a third-party library that other projects similarly depend on but haven’t yet fixed.

The stable and extended stable channel has been updated to 112.0.5615.121 for Windows Mac and Linux, which will roll out over the coming days/weeks.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d