Google on Friday released an emergency update for Chrome to address a zero-day security flaw. The vulnerability, tracked as CVE-2023-2033, can be exploited by a malicious webpage to run arbitrary code in the browser. Thus, surfing to a bad website with a vulnerable browser could lead to your device being hijacked. Exploit code for this hole is said to be circulating, and may well be in use already by miscreants.
This high-severity type-confusion bug is present in at least Chrome for desktop versions prior to 112.0.5615.121. Google released that version on April 14 for Windows, Mac, and Linux to close the security hole, which lies in the V8 JavaScript engine.
The new version should be installed as soon as possible, either automatically or manually.
No comments:
Post a Comment