Google releases security update for Chrome to fix zero-day bug

In response to the first zero-day vulnerability exploited in attacks since the start of the year, Google has released an emergency Chrome security update. Also Read: Gemini Nano Banana AI Image Editor Rolls Out To Google Search And NotebookLM: Here’s What’s New

“Google is aware that an exploit for CVE-2023-2033 exists in the wild,” Google said in a security advisory. Also Read: How To Create Unique Rangoli Designs For Diwali Using Gemini Nano Banana AI Tool: Check Prompt

The new version is currently being rolled out to users in the Stable Desktop channel, and it will eventually reach the full user base. Also Read: Goodbye Windows 10! After 10 Years, Microsoft Officially Ends Free Support: What Can You Do

Chrome users will need to update to the new version as soon as possible since it fixes the CVE-2023-2033 vulnerability on Windows, Mac, and Linux computers.

Users can check for updates by going to the Chrome menu > Help > Google Chrome.

According to BleepingComputer, the high-severity zero-day vulnerability (CVE-2023-2033) is due to a high-severity type confusion weakness in the Chrome V8 JavaScript engine.

Clement Lecigne of Google’s Threat Analysis Group (TAG), whose major mission is to protect Google customers from state-sponsored attacks, reported the bug.

Moreover, the report mentioned that in spite of Google claiming that its knowledge of CVE-2023-2033 zero-day exploits has been used in attacks, the company has yet to provide further details.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google was quoted as saying.

“We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” it added.

— IANS