Google has released urgent updates to address a high-severity vulnerability in its Chrome web browser that has been actively exploited. The vulnerability, tracked as CVE-2023-7024, is a heap-based buffer overflow in the WebRTC framework that could cause crashes or allow arbitrary code execution.

To mitigate the issue, Google has updated the stable channel to version 120.0.6099.129/130 for Windows and 120.0.6099.129 for Mac and Linux. The update will roll out over the coming days and weeks.

The vulnerability was discovered and reported by Clément Lecigne and Vlad Stolyarov from Google’s Threat Analysis Group. Because the flaw is being exploited, Google has withheld information about the attacks and has restricted access to bug details until a majority of users have updated with the fix. This is the eighth actively exploited zero-day vulnerability that Chrome has patched this year.

Google strongly advises users to update their Chrome web browsers immediately to avoid exploitation. To update, go to Settings, select About Chrome, wait for the update to download and install automatically, and then restart Chrome.
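For administrators checking many machines against the fixed build above, the following is an added example (not from Google or the original article) that triages reported Chrome version strings against 120.0.6099.129. The host names and sample version strings are constructed, and it assumes any build numbered at or above the fixed one includes the fix.

```python
import re

# Lowest fixed stable build named in the article (Windows may also show .130).
# Assumption: any build numbered at or above this one contains the fix.
FIXED = (120, 0, 6099, 129)

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Extract a four-part version tuple from `--version` style output."""
    m = VERSION_RE.search(text or "")
    return tuple(int(p) for p in m.groups()) if m else None


def classify(text):
    """Return 'patched', 'vulnerable' or 'unknown' for one reported string."""
    v = parse_version(text)
    if v is None:
        return "unknown"
    # Tuple comparison is numeric per component, so .99 < .129 as intended
    # (a plain string comparison would get this wrong).
    return "patched" if v >= FIXED else "vulnerable"


def triage(inventory):
    """Group hosts by status; unknowns are reported, not assumed safe."""
    result = {"patched": [], "vulnerable": [], "unknown": []}
    for host, reported in inventory.items():
        result[classify(reported)].append(host)
    return {status: sorted(hosts) for status, hosts in result.items()}


# Constructed sample inventory: host name -> string reported by the endpoint.
SAMPLE = {
    "win-01": "Google Chrome 120.0.6099.130",
    "win-02": "Google Chrome 120.0.6099.99",
    "mac-01": "Google Chrome 120.0.6099.129",
    "lin-01": "Google Chrome 119.0.6045.199 ",
    "lin-02": "",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

The version on disk can be newer than the running process: a host that has downloaded the update but not restarted Chrome is still running the old build.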