Don’t Wait! Update Chrome Now to Fix This Critical Zero-Day Security Flaw
Google Chrome has released a security update to fix a vulnerability that was actively being exploited. The vulnerability, known as CVE-2023-6345, was discovered on November 24 by researchers from Google’s Threat Analysis Group. This marks the sixth zero-day vulnerability that has been addressed by Google Chrome this year.
The security patch is being rolled out to Chrome browsers on Mac, Linux, and Windows. Users are urged to install the update as soon as possible to prevent any bugs or cybersecurity threats. The National Vulnerability Database has classified the severity of the issue as “high.”
The vulnerability is related to Google’s Skia graphics library, which is open-source and utilized in Chrome and other Google apps and software. It is believed that an integer overflow error within Skia in Chrome could allow remote hackers to execute arbitrary code with a malicious file, potentially leading to critical security risks.
While the patch has been issued, some users may have to wait for the update to arrive in the coming days or weeks. However, users on macOS were able to install the update immediately. Google has also stated that it is aware that an exploit for the vulnerability exists in the wild, further emphasizing the importance of installing the update promptly.
It’s important to note that Google may not release more information on the security flaw until it is patched by the majority of Chrome users. This is to prevent malicious attackers from exploiting the vulnerability against users who have not yet updated. Researchers from Google’s Threat Analysis Group discovered the vulnerability on November 24, and the patch was issued starting on November 28.
For users who have automatic updates for Google Chrome enabled, no additional action may be necessary. To check if the update needs to be manually applied, users can open their Google Chrome settings, click the About Chrome tab, and click Update Google Chrome. If the option to update is not visible, it means the user is on the latest version.
In conclusion, the release of this security patch by Google Chrome serves as a reminder of the importance of promptly updating software to protect against potential cybersecurity threats. Users are encouraged to stay vigilant and ensure that their browsers are always up to date with the latest security patches.