Google's Chrome browser, used by over three billion users worldwide, recently encountered its first Zero-Day exploit of the year. In response, Google has issued an urgent update to address the discovered vulnerability, CVE-2023-2033, which affects Chrome on Windows, Mac, and Linux platforms. The exploit, identified as a "Type Confusion in V8," occurs when an incompatible method accesses a resource initialised by a different method, potentially exposing the browser's memory to unauthorised access. The vulnerability was discovered by Google's Threat Analysis Group, but unfortunately, a patch was not developed before the first exploits began.
How To Update Chrome
To protect your browser, it is crucial to update Chrome immediately. To do so, click the overflow menu bar (three vertical dots) in the browser's top right corner, then navigate to Help > About Google Chrome. This action will force Chrome to check for browser updates. After the update is complete, be sure to restart the browser to ensure full protection. Google has made significant progress in patching Chrome vulnerabilities this year, as evidenced by the fact that it took until April for the first Zero-Day exploit to emerge. In comparison, Chrome experienced 15 Zero-Day exploits in 2021 and nine in 2022.
Reducing Chrome Vulnerabilities
Google's success in reducing vulnerabilities can be attributed to its robust reporting system and high bounties paid for the discovery of security issues, incentivising researchers to disclose their findings to Google rather than hackers. In 2022, Google paid over $12 million in bug bounties, including a record single bounty of $605,000 for a critical exploit. Despite this progress, Chrome's dominance in the browser market means it remains a prime target for attackers. Google warned in March 2022 that Zero-Day attacks would likely continue to rise, so users must stay vigilant and promptly apply updates to ensure the security of their browsing experience.
Comments