Google Chrome update fixes high-severity zero-day vulnerability that was actively exploited

Google is rolling out a security patch for its Chrome web browser that fixes a security flaw that could allow a malicious user to run dangerous code on a user’s computer. The update is available for Windows, macOS and Linux computers and users should install the latest version to stay protected from the zero-day vulnerability – the sixth to be patched by Google this year. The company is expected to provide more information once the update is released to many users.

spotted By Android Central, Google Chrome update 119.0.6045.199 for macOS and Linux began rolling out to users earlier this week, along with version 119.0.6045.200 for Windows computers that fixed the zero-day vulnerability Went. These are flaws that were previously unknown to the developers of the software, making them the target of malicious users.

With the latest Google Chrome update, the company has patched a security bug tracked by the National Institute of Standards and Technology (NIST). CVE-2023-6345, Although the company hasn’t disclosed much information related to the security flaw, the company does say it is aware that “an exploit for CVE-2023-6345 exists in the wild.” In its release notes For latest updates. Users should enable automatic updates for Chrome or manually update to the latest versions to get the latest improvements.

Meanwhile, the entry for the vulnerability on the NIST website has been assigned a “high” severity level. The description says that it is related to the open source Skia library which is used in Google Chrome. An attacker can use a malicious file to compromise the renderer process and escape the sandbox – a system designed to separate the browser and the system, so as to keep the latter secure.

The company credits Benoit Sevens and Clément Lesigne of its Threat Analysis Group (TAG) with discovering the vulnerability which was found on November 24 and was swiftly patched by the company. At the moment, it is unclear whether other browsers and applications that are based on Google’s open-source Chromium browser project are also affected by the flaw, or when they will receive updates with security patches.

Affiliate links may be automatically generated – see our ethics statement for details.

Follow Gadgets 360 for the latest tech news and reviews x, Facebook, WhatsApp, threads And Google News, For the latest videos on gadgets and tech, subscribe to our Youtube channel,

Nothing Phone 2 gets permanent price cut in India; Now starts from Rs. 39,999

UN to educate over 22,000 staff members on Blockchain, Web3: Here’s why

(tagstotranslate) Google Chrome update security flaw zero day vulnerability actively exploited Google Chrome

Leave a comment