Google has released a critical security update for its Chrome web browser that addresses a zero-day vulnerability actively exploited by attackers. The vulnerability, known as CVE-2023-6345, affects Chrome browsers on Mac, Linux, and Windows.

Key highlights:

Critical security update released for Chrome browsers on Mac, Linux, and Windows.
Patches a “zero-day” vulnerability known as CVE-2023-6345.
Exploit for CVE-2023-6345 is actively being used by attackers.
Update Chrome immediately to protect yourself from potential data theft and cyber attacks.

STK114 Google Chrome 01

What is a Zero-Day Vulnerability?

A zero-day vulnerability is a security flaw that software developers are unaware of. This makes them particularly dangerous, as attackers can exploit them before developers have a chance to release a patch. In the case of CVE-2023-6345, Google has confirmed that an exploit for the vulnerability is already in the wild.

What are the risks of CVE-2023-6345?

Exploiting the CVE-2023-6345 vulnerability could allow attackers to gain remote code execution (RCE) on a victim’s computer. This could allow attackers to steal sensitive data, install malware, or take control of the computer entirely.

What is Skia?

The CVE-2023-6345 vulnerability resides in Skia, an open-source 2D graphics library commonly used in Chrome, ChromeOS, Android, Flutter, and other software. This vulnerability arises from an integer overflow issue in Skia, leading to potential memory corruption and exploitation.

Who is affected?

All users of Chrome browsers on Mac, Linux, and Windows are potentially affected by this vulnerability. Version 119.0 and earlier of Chrome contain the vulnerable code.

How to update Chrome

Fortunately, Google has released a security update that patches the CVE-2023-6345 vulnerability. To update Chrome, follow these steps:

Open Chrome.
Click on the three dots in the top right corner of the browser window.
Select “Help” and then “About Google Chrome.”
Chrome will automatically check for updates.
If an update is available, it will be downloaded and installed automatically.

It is important to update Chrome as soon as possible to protect yourself from this critical vulnerability.

Additional Information:

Google has not released any technical details about the CVE-2023-6345 vulnerability. This is likely to prevent attackers from developing new exploits.
The CVE-2023-6345 vulnerability is the first zero-day vulnerability to be discovered in Chrome this year.

A critical security update is available for Chrome that addresses a zero-day vulnerability actively exploited by attackers. Updating Chrome immediately will protect you from potential data theft and cyber attacks.

TagsChrome

About the author

View All Posts

Joshua Bartholomew

He is the youngest member of the PC-Tablet.com team, with over 3 years of experience in tech blogging and coding. A tech geek with a degree in Computer Science, Joshua is passionate about Linux, open source, gaming, and hardware hacking. His hands-on approach and love for experimentation have made him a versatile contributor. Joshua’s casual and adventurous outlook on life drives his creativity in tech, making him an asset to the team. His enthusiasm for technology and his belief that the world is an awesome place to explore infuse his work with energy and innovation.