Google patches actively exploited security issue in Chrome 112

Martin Brinkmann
Apr 15, 2023
Google Chrome
|
34

Google released an update for its Chrome web browser for the desktop and for Android. The new update patches a security issue that is exploited actively in the wild. Chrome users are encouraged to update their browsers as soon as possible to protect it from these targeted attacks.

Desktop users may select Menu > Help > About Google Chrome to run a manual check for updates. An alternative is to load chrome://settings/help directly in the address bar, which opens the same page.

Chrome displays the installed version on the page and will check for updates. It should pick up the update during the check to install it on the device. A restart of the web browser is required to complete the update.

The new version of Chrome has the following version after the update has been processed.

  • Chrome Stable and Extended Stable for desktop: 112.0.5615.121
  • Chrome for Android: 112.0.5615.100 or 112.0.5615.101

Chrome 112: Emergency security update

Google provides the following information on the Chrome Releases blog about the update. According to the information, the security update is addressing two security issues in Chrome.

Google reveals information about externally reported security issues only to the public. The reported security issue, CVE-2023-2033, is a type confusion in V8. It has a severity rating of high, and Google highlights that an exploit for the issue exists in the wild.

It is unclear how widespread attacks are that exploit the issue, as Google makes no mention of that.

No information is provided on the second security issue that Google addressed in the Chrome 112 update.

Google Chrome users may want to update their web browser immediately to address the issue. Desktop users have all the options at hand to update immediately, mobile users need to wait until Google Play pushes the update to their devices.

Google released Chrome 112 at the beginning of April. The update fixed 16 unique security issues in the web browser and introduced several non-security changes as well. You can check out our review of Chrome 112 here for an overview.

Now You: do you have Chrome installed on your devices?

Summary
Google patches actively exploited security issue in Chrome 112
Article Name
Google patches actively exploited security issue in Chrome 112
Description
Google released an update for Google Chrome 112 Stable for desktop and Android to address a security issue that is exploited in the wild.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. Andy Prough said on April 15, 2023 at 10:52 pm
    Reply

    It’s clear why madaidan does not include any chromium-based browsers in his Whonix high security project, but instead uses the Tor browser. He is well aware that after about 40 zero-day exploits in the last 4 1/2 years, that chromium is a security disaster of historic proportions that and he cannot in good conscience expose his Whonix users to it.

  2. John G. said on April 15, 2023 at 6:14 pm
    Reply

    Chrome is not a bad browser at all and furthermore it’s installed in mostly all computers and Android mobile phones. By the way it has a lot of exploits because it’s the most widely used browser and the hackers are all day long attacking its code to take benefits. In the other hand we have Firefox, that is also a good browser, however sometimes it’s buggy as hell with no reason. For example, I have noticed some unexpected issues with latest version 112 and I don’t know what’s the culprit. Youtube website loading times are longer than before and the videos have also some unexplained delays and glitches. I hate this kind of situations, because Chrome has always the same behaviour whatever the website, it never fails I can sure you that Chrome always works. So sad, imho we will see some version 112.1 very soon, I bet you that this will be the real fact because it’s obvious that some unexpected bug is inside FF. :S

    1. GoogleMonopolyFuture said on April 16, 2023 at 12:06 pm
      Reply

      That’s a given considering google mostly dictates web standards nowadays.

      Youtube is owned by google & many websites prioritizing google chrome as their target browser before anything else that’s why some sites are either buggy or runs like crap when used on other browsers.

      But don’t worry, firefox is going to become chromified soon so there will only be one major browser.

    2. Georgie said on April 15, 2023 at 6:40 pm
      Reply

      The same reason I no longer use Firefox anymore. With every new version, there is a glitch on it. With Chrome everything works. I know I know this going to bother Google haters on this site but the fact is Chrome is popular for a reason…because it works all the time..I really don’t care for all that privacy none sense about Chrome. There’s nothing much you can do about it other than blocking ads and trackers with extensions.

      1. Tom Hawack said on April 16, 2023 at 12:02 pm
        Reply

        @Georgie,

        > “I really don’t care for all that privacy none sense about Chrome”

        Is it that you don’t care about your privacy as a whole or only when it comes to a browser known for its notorious privacy-invasive policies but fit for users who care only for an install and forget it easiness?

        My very neighbor runs Firefox out of the box and has never encountered the slightest issue. He happens to be annoyed by innovations but his overall experience with Firefox is such that he hasn’t “the slightest intention to discover any other browser” as he says.

        Other Firefox users as myself tweak Firefox intensively and encounter no issue. And tweaking concerns mainly modifying about:config prefs, some of which IMO should be opt-in rather than opt-out but whatever : those prefs exist and you may access them. I know also that many users play around with these settings’ availability and face issues when they’ve modified blindly and have no backup.

        Firefox here has always ran like a charm. Indeed more privacy you search for, more fine-tuning you introduce, greater is the need of attention, caution. But the result may be astonishing.

        Anyway, any privacy-invasive company relies on users who “really don’t care for all that privacy none sense”, and especially when it concerns their products. Be happy as Google is.

      2. John G. said on April 16, 2023 at 12:43 pm
        Reply

        @Tom Hawack, nice to read you again. Indeed Firefox has had for long five years a weird bug with MS Defender that makes it to eat some memory and a lot of CPU resources. I think that this bug has been solved recently. At the other hand, Firefox works very differently depending on the system, for example my sister has FF on an Intel i7 and she noticed no major issues (anyway her computer has W10 and 16Gb RAM). My mother uses Firefox for some buying sites and it’s working nice also with an Intel i3 with 8Gb RAM using W10. I have two computers with AMD inside and I notice several issues, mainly with the AMD disaster graphic drivers, horrible optimized as hell. Also I have noticed the same issues with version 112 with W11 and also with Ubuntu 22.04 LTS as well. So Firefox works nice, all right, until it doesn’t work nice, and you may notice that something is wrong because the issue is high noticeable. I meant that if Google Chrome has an issue, you probably won’t ever noticed it at all. Anyway @Tom, you are a very clever guy and probably your Firefox is better than expected due the highly tweaked changes that you did to it, nice for you! :]

      3. Tom Hawack said on April 16, 2023 at 1:45 pm
        Reply

        Hello @John G., nice to read you as well. You write, “Firefox works very differently depending on the system[…]” : I must say I’ve never ran Firefox on a different OS than Win7 (neighbor I mentioned above as well) nor with different hardware components. But issues in such environments, mainly when it comes to the OS and mainly when it comes to Windows post version 8.1 may be related to those very OSs : I’m tempted to believe that Windows 10/11 are built to favor Chromium-built browsers (Google, Edge) in disfavor of Firefox which would explain that most if not all reported Firefox issues I read concern users of Win10/11, especially those published on Reddit.

        Anyway, issues is one thing, privacy another. Striving to preserve one’s privacy should this mean choosing a privacy-oriented browser facing issues rather than another one running flawlessly at the price of privacy invasion is IMO an approach worth some user efforts. That’s how I see it and conceive it may not be everyone’s reasoning. For my part I can affirm that whatever the OS, whatever the hardware I will NEVER call upon Google Chrome nor Microsoft Edge browsers to visit the web : never.

      4. John G. said on April 16, 2023 at 10:50 am
        Reply

        @Georgie, I agree. Chrome works and that’s the only thing a browser should do: working!

  3. nealis said on April 15, 2023 at 10:02 am
    Reply

    How many zero days in a the past few months? Most secure browser ever since IE6.

    1. golden arms said on April 15, 2023 at 2:00 pm
      Reply

      it has now been 0 days since the last zero-day exploit of chromium

  4. Hitomi said on April 15, 2023 at 9:26 am
    Reply

    And again already actively exploited.. lol, was probably a mistake to bloat the thing so hopeless:
    The new flash.

    1. Iron Heart said on April 15, 2023 at 11:14 am
      Reply

      Hitomi the Firefox user acting as if his shite is more secure…

      1. Hitomi said on April 15, 2023 at 11:26 am
        Reply

        179.8 MByte chrome bloat vs 53.3 MByte fox.
        [https://fablesofaesop.com/the-fox-and-the-leopard.html]
        Aesop was ahead of his time.

      2. Iron Heart said on April 15, 2023 at 2:06 pm
        Reply

        @Hitomi

        Except your numbers are not even accurate.

        Also thanks for admitting that you are here to promote a certain product.

      3. Hitomi said on April 15, 2023 at 3:52 pm
        Reply

        Compressed offline installers, my redditspacing friend :^)

      4. Iron Heart said on April 15, 2023 at 6:43 pm
        Reply

        > :^)

        Thanks for admitting that you are Pinocchio.

  5. Shania said on April 15, 2023 at 8:30 am
    Reply

    Very thankful to the person (sorry I forgot name) who posted the following uBo filter. I have been using it for few weeks now. Finally I can browse skipping the softonic generated articles.

    ! Block articles from any author other than : Martin Brinkmann | Mike Turcotte | Ashwin :
    ghacks.net##:is(.hentry,a.home-posts):has-text(Carol van Zyl)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Emre Çitak)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Eray Eliaçik)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Helena Bosnjak)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Jesus)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Kerem Gülen)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Leri Koen)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Onur Demirkol)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Priyanka Monteiro)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Russell Kidson)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Shaun)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Sponsored Content)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Trevor Monteiro)
    ghacks.net##:is(.hentry,a.home-posts):has-text(Zakhi Mgutshini)
    !

    1. transsexualUSA said on April 16, 2023 at 9:36 am
      Reply

      @Shania, unfortunately, in Chromium, the specified authors are not blocked. Any idea how to make these rules work in Chromium?!

      1. Shania said on April 17, 2023 at 6:33 am
        Reply

        @transsexualUSA It is working for me in both Chromium and Edge. Perhaps check if “Parse and enforce cosmetic filters” and “Suspend network activity until all filter lists are loaded” these both settings are checked and “Ignore generic cosmetic filters is unchecked under Filter Lists.

      2. Shania said on April 17, 2023 at 6:42 am
        Reply

        https://www.ghacks.net/author/miketur/

        Mike Turcotte used to post about Linux however his last post was on June 6 2022. So Since he is not active anymore the filter could be modifed as

        ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann|Ashwin/))

        I checked either of these filterlists work in both FF and Chromium/Edge with uBo. If they are not working the reason would be

        The changes are not saved and applied
        or
        Cosmetic filtering is being ignored
        or
        Some other addon is interfering.

      3. Tom Hawack said on April 17, 2023 at 12:47 pm
        Reply

        @Shania, I’m quite surprised to read you write “Mike Turcotte used to post about Linux however his last post was on June 6 2022. So Since he is not active anymore the filter could be modified as [Remove ‘Mike Turcotte’ from the filter]”

        What’s the aim of the filter? To bypass articles we presume to have been written either by bots either by humans using AI for the entirety or part of their articles.

        Applying such a filter is by itself tough given the presumption is not formal evidence. We may consider that we have sufficient arguments to carry on with such a filter, I do myself. But to push further even by arguing that a known author should be removed from the ‘keep only’ filter on the ground he/she hasn’t published for a while is, IMO, both an intellectual and ethical mistake. What next? Remove ‘Ashwin’ because he wouldn’t have published in the last three months? I am stunned, sorry to say it so straightforwardly.

      4. Shania said on April 17, 2023 at 5:42 pm
        Reply

        @Tom I am sorry but I think there’s been a misunderstanding. I only mentioned Mike Turcotte hasn’t posted in around 10.5 months, and and I like to keep the filters small. That is the only reason I suggested so.

        Of course anyone can edit the filters and read only specific authors as they want, there shouldn’t be any issue with that. I mean suppose someone say he would prefer to read softonic generated “How-to” or VPN articles and would hide Martin/Ashwin’s articles then that should be fine too.

      5. Tom Hawack said on April 17, 2023 at 6:13 pm
        Reply

        @Shania, no drama, no problem. As I understood it hereafter was ambiguous :

        “Mike Turcotte used to post about Linux however his last post was on June 6 2022. So Since he is not active anymore the filter could be modifed as ”

        “Since he is not active anymore”? To start with this is that is IMO a risky conclusion.

        Based on that conclusion, “the filter could be modified as” :

        1- if he doesn’t publish why include him in an exclusion list?
        2- What about his past articles, those which may be found when searching throughout Ghacks? With him included his articles wouldn’t appear in the search results.

        I’m sure you meant no harm and I’m no authority to decide of whatever, I only expressed an astonishment. Because carrying along with the logic of including in the filter known Ghacks authors who haven’t published for some time we could end up with :

        ! Block articles from any author other than : Martin Brinkmann :
        ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann/))
        !
        and even, who knows?
        ! Block articles from any author other than : Martin Brinkmann | Mike Turcotte | Ashwin :
        ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(//))
        !

        I mean, hey! :=)

      6. John G. said on April 17, 2023 at 10:56 am
        Reply

        @Shania thanks again! :]

      7. John G. said on April 16, 2023 at 12:31 pm
        Reply

        @transsexualUSA, I have uBlock Origin in MS Edge and those filters work, however you will notice that “my filters” option at filter lists should be marked, and also these filters should be pasted and saved (i.e. “apply changes”). There is also an alone filter provided by @Cassette that does this grateful whole job by itself:

        ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann|Mike Turcotte|Ashwin/))

        However I don’t know who is Mike Turcotte. :S

      8. transsexualUSA said on April 16, 2023 at 7:55 pm
        Reply

        {{{[[[[[ @John G., the filters are in place and the changes are applied, but they don’t work for Chromium.

        >>>ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann|Mike Turcotte|Ashwin/))>>> this filter works. But some articles stick to other articles, other places leave holes?!

        https://i.postimg.cc/FH7RXzCz/likj.png “”

    2. 1337 pUpp37 h4x0rz said on April 15, 2023 at 7:23 pm
      Reply

      No, I do not have the Chrome browser installed on any of my devices.

      Shania, it was originally; Tom Hawack on 7 April 2023, that posted that uBlock Origin filter (https://www.ghacks.net/2023/04/07/green-technology-driving-sustainable-development/#comment-4563426).

      Tom and others had genuine concerns about AI generated content being recklessly used to generate large portions of article text. Plus there was a potential lack of transparency as to whether such AI assistance had been used in several articles. Dozens of articles looked suspiciously like mainly AI generated text.

      It was also asked that AI also got credited in the author section when it was used in such an unaltered fashion.

      1. Shania said on April 17, 2023 at 6:30 am
        Reply

        Yes, thanks it was posted originally by Tom Hawack as 1337 pUpp37 h4x0rz mentioned.

    3. John G. said on April 15, 2023 at 6:57 pm
      Reply

      @Shania, these filters don’t work and anyway all articles are part of Ghacks for good or bad. I read all articles however I only write comments at @Martin and @Ashwin articles mainly all the time, because they often answer some comments and provide some kind of feedback to the users. :S

      1. Shania said on April 15, 2023 at 7:14 pm
        Reply

        @John G They work on firefox desktop and even mobile version. I even tested on a fresh install right now. Make sure to save the rules after pasting in uBo My filters page.

      2. John G. said on April 15, 2023 at 7:47 pm
        Reply

        @Shania, thanks, I forgot to save the rules (i.e. to apply the changes). :S

      3. John G. said on April 15, 2023 at 7:52 pm
        Reply

        @Shania I forgot also to check the box of “my filters”, very important thing to use the personal filters! I can’t remember the last time that I did something like this in uBlock Origin, and it’s also really amazing how time flies and things are forgotten so easy. :[

    4. Nameless said on April 15, 2023 at 5:22 pm
      Reply

      Thank you so much for this…I was really annoying with so many random none sense articles on this site…felt like a AI was written them..This site has gone downhill with this crap. The other day a popup window appeared from all the advertisers saying to Agree or disagree to their privacy policies . I blocked that one too with ubllock

    5. Anonymous said on April 15, 2023 at 12:08 pm
      Reply

      Thanks for the tip! That’s just what I needed.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.