Google patches exploited security issue in Chrome: update asap
Google has released an update for Chromium and Google Chrome that addresses a security issue in the web browser that is exploited in the wild. Exploited in the wild means that Google is aware of attacks on the Internet that target this vulnerability.
The issue affects Chromium, the open source core of Chrome and many other browsers, including Microsoft Edge, Opera, Vivaldi and Brave Browser. Some organizations have published updates for their browsers already that address the issue, others are still working on updates.
Google published information about the new release on the official Chrome Releases website. There, the company informed users that it has fixed two security issues in the Chrome browser, one of which patches a vulnerability that is exploited in the wild.
The second vulnerability is not disclosed publicly, which Google does when a security issue is detected internally by the company.
Google provides the following information on the issue:
[$NA] High CVE-2023-3079: Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group on 2023-06-01. Google is aware that an exploit for CVE-2023-3079 exists in the wild.
The patch is available for Chrome Stable and Chrome Extended Stable for all supported desktop platforms.
Chrome users may load chrome://settings/help in the browser's address bar, or select Menu > Help > About Google Chrome to display the current version. Opening the page starts an automatic check for updates and any updated version is downloaded to the system at that point. A restart of the browser is required to complete the update.
The version of Google Chrome is the following one after the installation of the update:
- Chrome for Mac and Linux: 114.0.5735.106
- Chrome for Windows: 114.0.5735.110
Other Chromium-based browsers affected
All other Chromium-based browsers are affected by the security issue. Some have been updated already, including the following ones:
- Microsoft Edge was updated to version 114.0.1823.41 on June 6, 2023 to fix CVE-2023-3079, which is the security issue that Google has stated is being exploited in the wild.
- Brave Software has updated the company's Brave Browser to version 1.52.122 on June 6, 2023 to address the security issue in Chromium.
- Vivaldi Software released a minor update for the stable version on June 5, 2023 to address the critical security issues.
- Opera Software has released an update on June 8, 2023.
All users who run Chromium-based browsers on their desktop devices may want to update their web browsers immediately, provided that an update has been released that is addressing the security issue in the browser.