Google has released an emergency Chrome security update in response to the first zero-day vulnerability exploited in an attack since the beginning of the year.
Google stated in a security advisory, “Google is aware that an exploit exists for CVE-2023-2033 in the wild.”
The new version is presently being rolled out to users on the Desktop Stable channel, and will ultimately reach all users.
Chrome users must update to the latest version as soon as possible, as it addresses the CVE-2023-2033 flaw on Windows, Mac, and Linux systems.
Users can check for updates by following the procedures below:
- Go to the Chrome menu
- Now go to Help
- Now go to Google Chrome
According to BleepingComputer, the critical zero-day flaw (CVE-2023-2033) is caused by a critical type confusion flaw in the Chrome V8 JavaScript engine.
The vulnerability was disclosed by Clement Lecigne of Google’s Threat Analysis Group (TAG), whose primary mission is to defend Google customers from state-sponsored attacks.
Chrome users on Windows, Mac, and Linux should upgrade immediately to patch the CVE-2023-2033 issue.
In spite of Google’s assertion that its knowledge of CVE-2023-2033 zero-day exploits has been used in attacks, the company will provide additional information, according to the report.
Google was quoted as saying, “Access to bug details and links may be restricted until the majority of users are updated with a fix.”
“We will also keep restrictions in place if the bug exists in a third-party library that other projects similarly rely on but have not yet fixed,” the statement continued.