Particle.news
Download on the App Store
9 ARTICLES
·
last yr.

Google Patches High-Severity Zero-Day Exploit in Chrome and Chromium-Based Browsers

Despite the patch, an estimated 4 billion people may still be affected due to the time it takes for the update to reach all users.

Overview

  • Google has patched a high-severity zero-day exploit in Chrome and Chromium-based browsers that was being actively exploited, but an estimated 4 billion people may still be affected.
  • The exploit, labelled CVE-2023-6351, is an integer overflow issue in Skia, an open source 2D graphics library used by these browsers.
  • Google's Threat Analysis Group discovered the exploit on November 24, and it has since been patched along with a number of other security fixes.
  • Despite the patch, it may take some time for the update to spread to all affected devices.
  • Users are advised to keep their software updated at all times and to pay attention to potential fixes that may not have yet reached their machine.