• Source:JND
Add as a preferred

GOOGLE Chrome is one of the popular web browsers used across the globe to access the internet. According to Statista, it serves over 3.2 billion users worldwide in 2021. And to ensure they are safe on the web, the user must keep their browser up-to-date. We say this because Google has identified the first zero-day vulnerability of 2023.

Google, on Friday, published a release copy acknowledging the existence of an exploit, "CVE-2023-2033." Windows, Mac and Linux users must update to version "112.0.5615.121" at the earliest that has fixed the security issue. The update will be rolling out in the coming days/weeks, the Chrome Releases page highlights.

The exploit creates confusion in the V8 JavaScript engine to allow a hacker to exploit "heap corruption" via a prepared HTML page, according to National Vulnerability Database. The exploit was "reported by Clément Lecigne of Google's Threat Analysis Group [TAG] on 2023-04-11." TAG is Google's latest effort to counter "government-backed attacks," states the TAG website.

"Google is aware that an exploit for CVE-2023-2033 exists in the wild," the tech giant said. But no detailed report is out as of now.

How To Update?

Step 1: Open Chrome browser.

Step 2: Click on the 'three dots' below the cross button at the top right.

Step 3: Locate Help, and then click on 'About Google Chrome' to head to the updates page.

Step 4: The browser will automatically check for an update.

Step 5: Once the downloading is finished, click 'Relaunch' to finish the update.

Make sure to tally the version number. If you are facing issues with downloading, connect to Wi-Fi or a stable internet connection or try reinstalling Google Chrome or restarting the computer.

On a related note, the Mountain View-headquartered giant incentivises bug and vulnerability hunting in Google products via the Vulnerability Reward Program(VRP). Google, in 2022, via this program rewarded $3.5 million to bug hunters who reported security bugs in the Chrome browser. A total of $12 million in rewards was dispersed to security researchers through the VRP program.