Google Patches High-Severity Zero-Day Exploit in Chrome and Chromium-Based Browsers

Despite the patch, an estimated 4 billion people may still be affected due to the time it takes for the update to reach all users.

Google has patched a high-severity zero-day exploit in Chrome and Chromium-based browsers that was being actively exploited, but an estimated 4 billion people may still be affected.
The exploit, labelled CVE-2023-6351, is an integer overflow issue in Skia, an open source 2D graphics library used by these browsers.
Google's Threat Analysis Group discovered the exploit on November 24, and it has since been patched along with a number of other security fixes.
Despite the patch, it may take some time for the update to spread to all affected devices.
Users are advised to keep their software updated at all times and to pay attention to potential fixes that may not have yet reached their machine.