.svg)
.svg)
Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!
![[#if smallImage??]
[#if smallImage?is_hash]
[#if smallImage.alt??]
${smallImage.alt}
[/#if]
[/#if]
[/#if]](
/image/journal/article?img_id=63641&t=1734792393465
)
Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild.
Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine.
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
The tech giant, as is typically the case, did not disclose details of the nature of the attacks, but noted it's aware that an exploit for CVE-2023-3079 exists in the wild.
With the latest development, Google has addressed a total of three actively exploited zero-days in Chrome since the start of the year.
CVE-2023-2033 (CVSS score: 8.8) - Type Confusion in V8
CVE-2023-2136 (CVSS score: 9.6) - Integer overflow in Skia
Users are recommended to upgrade to version 114.0.5735.110 for Windows and 114.0.5735.106 for macOS and Linux to mitigate potential threats. Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.