![]() ![]() Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available. Users are recommended to upgrade to Chrome version 1.132 for Windows, macOS, and Linux to mitigate potential threats. The development comes as Google assigned a new CVE identifier, CVE-2023-5129, to the critical flaw in the libwebp image library – originally tracked as CVE-2023-4863 – that has come under active exploitation in the wild, considering its broad attack surface. It's also suspected that the Israeli spyware maker Cytrox may have exploited a recently patched Chrome vulnerability (CVE-2023-4762, CVSS score: 8.8) as a zero-day to deliver Predator, although very little information is currently available about the in-the-wild attacks. CVE-2023-4863 (CVSS score: 8.8) - Heap buffer overflow in WebP.CVE-2023-2136 (CVSS score: 9.6) - Integer overflow in Skia.The latest discovery brings to five the number of zero-day vulnerabilities in Google Chrome for which patches have been released this year. Traditional security measures won't cut it in today's world. Beat AI-Powered Threats with Zero Trust - Webinar for Security Professionals ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |