Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Google issues an emergency update to fix zero-day exploit for Chrome. Other browsers like Edge also affected
Emergency fixes for other Chromium-based browsers have been released recent days.That includes Edge, Opera, Vivaldi and Brave. If your browser has not been updated
since November 28, check for updates now.
__________________________________________________
Source: ZDNet.com
Google issues an emergency update to fix yet another zero-day exploit for Chrome. Here's what to know
2023 has been a banner year for zero-day exploits in Chrome and Google has patched its 6th and this one is considered an "emergency."
Written by Jack Wallen, Contributing Writer
Nov. 30, 2023 at 7:27 a.m. PT
If you are one of the millions of worldwide Chrome users, it's time for yet another update. That's right, a sixth zero-day exploit has been discovered in Chrome and, fortunately, the update was released shortly after.
If you're uncertain as to what a zero-day vulnerability is, it's simply a vulnerability that has been discovered but not yet patched.
The exploit in question is CVE-2023-6345 and does exist in the wild. According to Tenable, the official description of this vulnerability is, "Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)."
-snip-
CVE-2023-6345: Integer overflow in Skia.
It is the final vulnerability, listed above, that is the zero-day exploit. It's interesting to know that this vulnerability is listed as High and not Critical. Even so, any bug listed as High should be considered a must-patch. Other than saying this vulnerability exists in the wild, Google has been a bit hush-hush about it. You can read Google's official statement about the issue.
-snip-
Read more: https://www.zdnet.com/article/google-issues-an-emergency-update-to-fix-yet-another-zero-day-exploit-for-chrome-heres-what-to-know/
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
2 replies, 1112 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (0)
ReplyReply to this post
2 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
Google issues an emergency update to fix zero-day exploit for Chrome. Other browsers like Edge also affected (Original Post)
Eugene
Dec 2023
OP
bucolic_frolic
(47,130 posts)1. Everything works better with more speed
now that I signed out of my one Chromium tab and use a different browser for it instead.
2naSalit
(92,941 posts)2. I had to turn off Edge...
Yesterday. A few days ago it start to open itself without notice when I started my computer. I had it set to dormant and was never supposed to open at all. That after a recent update and prompts to upgrade to WIN 11 which I don't want.