9 January 2024

Security I Trust

Helping you build Security and Trust

Chrome zero-day flaw with exploit in the wild CVE-2023-3079

1 min read
CVE-2023-3079

On Monday Google releases a security update to fix a critical flaw in its Chrome web Browser.
This critical vulnerability is been tracked as CVE-2023-3079

The vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page,” according to the NIST’s National Vulnerability Database (NVD).

Clement Lecigne of Google’s Threat Analysis Group has been credited with reporting the issue on June 1, 2023.
Google has not released details about how the exploit and how it was used in attacks

Solution

  • On Monday google releases a security update to fix a critical flaw in its Chrome web Browser.
  • Users are recommended to upgrade to version 114.0.5735.110 for Windows and 114.0.5735.106 for macOS
    Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.