Google Issues New Warning For 3 Billion Chrome Users :Over three billion people use Chrome globally now, but everyone has to upgrade their browser right away after Google found the browser’s first Zero Day flaw this year.
Google verified the Zero Day vulnerability’s discovery in a recent blog post, noting that it affects Chrome on Windows, Mac, and Linux. Google said that it is aware of the existence of an exploit.
CVE-2023-2033, the vulnerability, is caused by “Type Confusion in V8.” When a program uses one technique to create or initialize a resource, but a different mechanism is later used to access that resource, it may be possible to get unauthorized access to the memory of the browser. Google’s Threat Analysis Group found the flaw, but no solution could be developed before the first Chrome exploits appeared.
The good news is that Google has released a fix, and you must immediately upgrade Chrome to receive it. To accomplish this, select Help > About Google Chrome from the overflow menu bar (three vertical dots) in the top right corner of the browser. By doing this, Chrome will be made to check for browser upgrades. You must restart the browser when the update is finished if you want your security to be complete. This year, Google did a fantastic job fixing Chrome vulnerabilities, thus it is amazing that it took until April before the first Zero-Day exploit was discovered.
The fact that Chrome is the most dominant browser and so has the largest target on its back makes this improvement no small accomplishment. Google actually forewarned consumers that it should anticipate an increase in the amount of Zero Day assaults in March 2022, but as a result, the business has been tremendously effective in slowing the flood.
There are a number of causes for this, but one of them is Google’s comprehensive reporting mechanism and substantial rewards for vulnerabilities, which incentivize security experts to sell Google their discoveries rather than to hackers. As an illustration, Google spent over $12M on bug bounties in 2022, including a record-breaking $605,000 for a single crucial vulnerability.
Having stated that, there is no time to spare as today is the first Chrome Zero Day of 2023.