Security News > 2023 > June > Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!
![Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!](/static/build/img/news/zero-day-alert-google-issues-patch-for-new-chrome-vulnerability-update-now-medium.jpg)
Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild.
Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine.
Clement Lecigne of Google's Threat Analysis Group has been credited with reporting the issue on June 1, 2023.
"Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page," according to the NIST's National Vulnerability Database.
With the latest development, Google has addressed a total of three actively exploited zero-days in Chrome since the start of the year -.
Users are recommended to upgrade to version 114.0.5735.110 for Windows and 114.0.5735.106 for macOS and Linux to mitigate potential threats.
News URL
https://thehackernews.com/2023/06/zero-day-alert-google-issues-patch-for.html
Related news
- Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability (source)
- Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability (source)
- Google fixes fifth Chrome zero-day exploited in attacks this year (source)
- Google fixes Chrome zero-day with in-the-wild exploit (CVE-2024-4671) (source)
- Google Chrome emergency update fixes 6th zero-day exploited in 2024 (source)
- New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation (source)
- Google patches third exploited Chrome zero-day in a week (source)
- Google fixes third actively exploited Chrome zero-day in a week (source)
- Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947) (source)
- Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-05 | CVE-2023-3079 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |