Google has released an urgent security update that fixes a new Chrome zero-day vulnerability. “Google is aware that an exploit exists for CVE-2023-4863,” the company said in a security statement. The issue is described as a stack-based buffer overflow case found in the WebP image format.Urgent update for Google Chrome
Stack-based buffer overflow occurs when a program tries to write more data than necessary to a memory buffer allocated to it. In some cases, this type of vulnerability could allow attackers to perform arbitrary code execution, meaning that attackers can run any code they want on the affected system.
Google states that Apple Security Engineering and Architecture (SEAR) and Citizen Lab at the University of Toronto Munk School discovered and reported this vulnerability on September 6, 2023. However, the software giant avoids disclosing details about the vulnerability. Google does not provide information on how attackers might have exploited the vulnerability.
Chrome users are strongly recommended to update their web browsers to the latest version, 116.0.5845.187 for Mac and Linux, and 116.0.5845.187.188 for Windows. The new firmware is currently rolling out to users on the Stable and Extended stable channels and will be available to all users in the coming days.To update your Chrome browser, you can go to Chrome menu > Help > About Google Chrome. However, Google announced last month that it would release weekly security updates for Chrome and said that if a security vulnerability is detected, it will be addressed immediately.
56869
