Google released a new update for its Google Chrome browser, in which it introduced a series of fixes, including a solution to a zero-day security flaw registered as CVE-2023-6345 exploited by malicious actors.
The company shared seven security fixes to eliminate bugs and vulnerabilities found in the previous version of the browser, framed in update 119.0.6045.199 of Google Chrome for Mac and Linux, and i- update 119.0.6045.199 /.200 for Windows, which is implemented “in the coming days.”
As explained in a statement on his blog, in this update, a zero-day vulnerability has been corrected, that is, a bug that was discovered and exploited by malicious actors before it was discovered. to the developers.
Specifically, as stated by Google’s Threat Analysis Group, “there is an ‘exploit'” of the vulnerability included in the CVE-2023-6345 fix, rated “high” in severity. In other words, the use of ‘software’ or data fragments that exploit the wrong query and can cause security problems, both on the devices and at the ‘software’ level, are already known.
However, the company explained that it will not provide access to more details of this vulnerability “until the majority of users have been updated with a solution.” In this way, the goal is to prevent the development of new threats that can also exploit this flaw.
Google also indicated that it will continue these restrictions on access to the details of the vulnerability, if the bug is in a third-party library “that other projects are equally dependent on and have not been fixed.”
The fix for this security flaw only targets the version of Google Chrome for Mac, Linux and Windows, so the browser app for iOS and Android is not affected for now. In all of this, to avoid possible security consequences, the company recommends users to download the new Chrome update.