Google Resolves Third Zero-Day Vulnerability in Chrome for 2023
The third zero-day vulnerability found in 2023 has been fixed by Google with a significant security upgrade for the Chrome browser.
Two bugs are fixed in Chrome 114, the most significant of which is CVE-2023-3079. The V8 JavaScript engine is vulnerable due to a type of misunderstanding problem. Since its discovery on June 1st, it has been actively used in the wild.
Regarding the attacks linked to CVE-2023-3079, Google has not made any detailed disclosures. However, the fact that Clement Lecigne of Google‘s Threat Analysis Group found the flaw raises the possibility that a commercial spyware vendor may have used it.
Commercial spyware manufacturers frequently promote their products for licit government surveillance. Unfortunately, tyrannical regimes have frequently exploited these methods to eavesdrop on opponents and dissenters.
Our Readers ALSO READ
A Comprehensive Look at Spyware Found in Google Play Apps
Many times, spyware developers build intricate attack chains that primarily target Android devices using Chrome vulnerabilities. This emphasizes how crucial it is to fix browser flaws on multiple platforms and gadgets to guarantee complete security.
Google has announced a higher payment through its bug bounty program to entice researchers to find and disclose such vulnerabilities. For a limited time, they will pay up to $180,000 for a complete chain exploit that enables a Chrome sandbox escape.
Nine zero-day vulnerabilities in Chrome were successfully found and fixed in 2022 by Google‘s Threat Analysis Group. This highlights the ongoing requirement for strong browser security measures to shield users from changing threats and guarantee a secure browsing environment.
Like this article? Follow our LinkedIn, Facebook, and Twitter Handles for daily exclusive content like this.
