Another day, another zero-day attack hitting widely deployed software from a big tech provider. Google on Friday joined the list of vendors dealing with zero-day attacks, rolling out a major Chrome Desktop update to fix a security defect that’s already been exploited in the wild.
The high-severity vulnerability, tracked as CVE-2023-2033, is described as a type confusion in the Chrome V8 JavaScript engine. Google is aware that an exploit for CVE-2023-2033 exists in the wild, and has stated that access to bug details and links may be kept restricted until a majority of users are updated with a fix. The patch is being pushed to Chrome 112.0.5615.121 for Windows Mac and Linux and will roll out via the software’s automatic patching mechanism over the coming days/weeks.
Google’s zero-day patch comes days after Microsoft acknowledged a zero-day in its flagship Windows operating system was being hit by ransomware actors. Apple has also recently struggled with zero-day exploits and shipped a major patch a week ago to fix a pair of code execution flaws in its iOS, macOS iPadOS platforms.
So far this year, there have been 20 documented in-the-wild zero-day compromises, with 12 of them being code defects from Microsoft, Apple and Google. It is essential for users to stay up-to-date on the latest software updates to ensure their systems are secured against the latest exploits.
In conclusion, zero-day attacks have been a growing menace in 2023, with a significant number of documented cases. Microsoft, Apple and Google have all had to deal with zero-day flaws in their software, and users must ensure their systems are up-to-date to help protect against the latest exploits.
Key Points:
- Google recently rolled out a major Chrome Desktop update to fix a security defect that’s already been exploited in the wild.
- Microsoft, Apple and Google have all had to deal with zero-day flaws in their software.
- So far this year, there have been 20 documented in-the-wild zero-day compromises.
- Users must ensure their systems are up-to-date to help protect against the latest exploits.