Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Eugene

(62,686 posts)
Sat Dec 2, 2023, 05:01 AM Dec 2023

Google issues an emergency update to fix zero-day exploit for Chrome. Other browsers like Edge also affected

Emergency fixes for other Chromium-based browsers have been released recent days.
That includes Edge, Opera, Vivaldi and Brave. If your browser has not been updated
since November 28, check for updates now.


__________________________________________________

Source: ZDNet.com

Google issues an emergency update to fix yet another zero-day exploit for Chrome. Here's what to know

2023 has been a banner year for zero-day exploits in Chrome and Google has patched its 6th and this one is considered an "emergency."

Written by Jack Wallen, Contributing Writer
Nov. 30, 2023 at 7:27 a.m. PT

If you are one of the millions of worldwide Chrome users, it's time for yet another update. That's right, a sixth zero-day exploit has been discovered in Chrome and, fortunately, the update was released shortly after.

If you're uncertain as to what a zero-day vulnerability is, it's simply a vulnerability that has been discovered but not yet patched.

The exploit in question is CVE-2023-6345 and does exist in the wild. According to Tenable, the official description of this vulnerability is, "Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)."

-snip-

CVE-2023-6345: Integer overflow in Skia.

It is the final vulnerability, listed above, that is the zero-day exploit. It's interesting to know that this vulnerability is listed as High and not Critical. Even so, any bug listed as High should be considered a must-patch. Other than saying this vulnerability exists in the wild, Google has been a bit hush-hush about it. You can read Google's official statement about the issue.

-snip-

Read more: https://www.zdnet.com/article/google-issues-an-emergency-update-to-fix-yet-another-zero-day-exploit-for-chrome-heres-what-to-know/
2 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
Google issues an emergency update to fix zero-day exploit for Chrome. Other browsers like Edge also affected (Original Post) Eugene Dec 2023 OP
Everything works better with more speed bucolic_frolic Dec 2023 #1
I had to turn off Edge... 2naSalit Dec 2023 #2

bucolic_frolic

(47,130 posts)
1. Everything works better with more speed
Sat Dec 2, 2023, 05:47 AM
Dec 2023

now that I signed out of my one Chromium tab and use a different browser for it instead.

2naSalit

(92,941 posts)
2. I had to turn off Edge...
Sat Dec 2, 2023, 06:55 AM
Dec 2023

Yesterday. A few days ago it start to open itself without notice when I started my computer. I had it set to dormant and was never supposed to open at all. That after a recent update and prompts to upgrade to WIN 11 which I don't want.

Latest Discussions»Help & Search»Computer Help and Support»Google issues an emergenc...