Security News > 2023 > November > Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability
2023-11-29 04:27
Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have been
News URL
https://thehackernews.com/2023/11/zero-day-alert-google-chrome-under.html
Related news
- New tool bypasses Google Chrome’s new cookie encryption system (source)
- Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- Google Chrome’s AI feature lets you quickly check website trustworthiness (source)
- Google Chrome uses AI to analyze pages in new scam detection feature (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System (source)
- Google patches actively exploited Android vulnerability (CVE-2024-43093) (source)
- Google says “Enhanced protection” feature in Chrome now uses AI (source)
- Week in review: Zero-click flaw in Synology NAS devices, Google fixes exploited Android vulnerability (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-29 | CVE-2023-6345 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. | 9.6 |