To resolve the first zero-day vulnerability exploited by hackers since the start of the year, Google on Friday released out-of-band updates. Users with stable desktop channels receive the upgraded version that will steadily become approachable to all users in the coming days or weeks.
However, Chrome users should update earlier to version 112.0.5615.121 since it resolves the CVE-2023-2033 susceptibility on Microsoft Windows, MacBook, and some Linux platforms.
Google patched two weaknesses in this upgrade, but the specifics won’t be available publically until most users have installed the patch.
Today, the high-severity rating is CVE-2023-2033, a confusion issue in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group (TAG) stated this problem on the last week of 11th of April, 2023. Likewise, Clement explored a similar weakness (CVE-2022-4262) a year ago, and the patch was launched in December.
Google claimed, “Google is alert that an achievement for CVE-2023-2033 does occur in the wild,”
Information about Chrome Zero-Day Bug (CVE-2023-2033)
Every Chrome version weakens to high-severity type confusion vulnerability in the V8 javascript engine, allowing attackers to exploit the bug remotely by fully filing arbitrary code.
And the day when this zero-day problem is effectively interrupted, it brings browser smashes by reading or writing memory outside of buffer confines.
While Google stated it is alert of CVE-2023-2033 zero-day exploitations in attacks, the firm has yet to onward any particulars about them.
Google alleged that “access to bug specifics and links may be withdrawn until most users are upgraded with a solution.”
“We will correspondingly grasp limitations if the bug ensures in a third-party library those other developments correspondingly rely on but haven’t up till now organized.”
This update can be accessed through the following steps:
At first, hover over the Chrome menu >Help > About Google Chrome. That’s it
After starting again, the web browser will robotically check for the newest updates and put them in without user involvement.