Live
- Understanding the Link Between Vitamins and Infertility
- The Benefits of Tender Coconut Water for Health and Wellness
- Two killed in light plane crash in Australia's Victoria
- World Day for Safety and Health at Work 2024: Date, History, and Significance
- FPI selling in equity markets getting absorbed by domestic funds, retail investors
- Leading IT firms in India lost close to 70K employees in last fiscal year
- Four power plants hit in massive Russian overnight attacks on Ukraine
- International Marconi Day 2024 Date, history and significance
- Congress slits throat of Hindu people for Muslims, alleges Giriraj Singh
- Anupama Parameswaran Goes De-Glam for Powerful New Film ‘Paradha’
Google Chrome Users at Risk: Update Now to Secure Your Personal Data
- 1. Google has taken swift action by releasing a security update addressing a zero-day vulnerability currently under active exploitation.
- 2. To safeguard against the potential threat of data theft, it is strongly recommended that users promptly update their Chrome browsers.
Recently, Google introduced a critical security update encompassing macOS, Windows, and Linux platforms for its Chrome browser. The primary purpose of this update is to rectify a zero-day vulnerability denoted as CVE-2023-6345, which has been verified as actively exploited in real-world scenarios. The exploitation of this vulnerability could grant unauthorized control to attackers over the affected devices. In response, Google is emphasising the importance of immediate browser updates for all Chrome users.
Google has chosen to withhold detailed information regarding the CVE-2023-6345 exploit, uncovered last week by security researchers within Google's Threat Analysis Group (TAG). This cautious stance aligns with the standard practice of many tech companies, aiming to prevent potential attackers from exploiting vulnerabilities in Chrome installations by providing specific details. The duration of active exploitation before detection, as reported by Android Central, remains undisclosed.
The nature of the threat is centered around CVE-2023-6345, identified as an integer overflow vulnerability impacting Skia, the open-source 2D graphics library integrated into the Chrome graphics engine. According to the macOS update notes (version 119.0.6045.199), the exploit facilitated a potential sandbox escape through a malicious file, as detailed in the report. A sandbox escape is a critical threat, as it opens the door to arbitrary code execution and data theft, jeopardizing the security of the Chrome browser and compromising the user's sensitive information. Exploitation of CVE-2023-6345 poses significant risks, potentially leading to unauthorized access to sensitive user data, manipulation of data, and exposure to various cyber threats.
To ensure protection, users are advised to manually update Google Chrome using the following steps:
- Go to Chrome settings.
- Click on the "About Chrome" tab.
- Locate and click on the "Update Google Chrome" option.
- If the update option is not seen, shows that the browser is already on the latest version.
Google assures users that the fix will be gradually implemented over the coming days or weeks through a phased rollout. While this may result in the update not being immediately available to all users, considering the potential risks associated with CVE-2023-6345, users are strongly urged to remain vigilant and apply the update as soon as it becomes accessible to safeguard their browsing experience's security.
