Google’s browser is the victim of a major new vulnerability which must be taken very seriously, because it is already being exploited by hackers.
The American giant regularly releases security patches for Chrome. It has even increased the pace of updates, aiming to improve its security and plug vulnerabilities before they can be exploited by malicious actors. Unfortunately, the latter sometimes manage to get ahead of the developers, who find themselves obliged to publish updates urgently. And that’s exactly what’s happening right now.
A bug that can crash Chrome
This September 6, Apple Security Engineering and the University of Toronto reported a bug likely to cause an overflow in a buffer, the one allocated to WebP images. This allows Chrome to crash and execute arbitrary code that can put user data at risk.
Registered CVE-2023-4863, this vulnerability can be thwarted by a patch deployed by Google. To obtain it, you must update Chrome to version 116.0.5845.187 (Mac and Linux) and 116.0.5845.187/.188 (Windows). To make sure you have the correct update, go to your browser settings, then scroll down to the “About Chrome” tab.
From there, you should be able to see the software version. And if you don’t have the latest update yet, Chrome should automatically check for it. Once the browser restarts, you will be completely protected, at least for this time.
Google does not immediately intend to disclose many details about this matter, ” until a majority of users have received an update with the fix “. Based on Chromium, which is open source, Chrome’s code is accessible to everyone. Good for evil, since the company and malicious actors are engaged in a permanent war. Therefore, it is a safe bet that they are actively seeking to take advantage of this new vulnerability until the patch is fully deployed.
Download
8
- Very good performance
- Simple and pleasant to use
- A well-secured browser
Complete and fluid, Google Chrome has established itself as a free reference for web browsers and is in an excellent position compared to other flagship applications such as Mozilla Firefox and Microsoft Edge (formerly Internet Explorer). To complete its Windows, Mac and Linux version for computers, the Californian firm also offers a mobile version compatible with Android and iOS.
Complete and fluid, Google Chrome has established itself as a free reference for web browsers and is in an excellent position compared to other flagship applications such as Mozilla Firefox and Microsoft Edge (formerly Internet Explorer). To complete its Windows, Mac and Linux version for computers, the Californian firm also offers a mobile version compatible with Android and iOS.
Sources: Bleeping Computer, Google
2