The vulnerability is addressed by Google Chrome as 1.132 and is being rolled out worldwide to Windows, Mac and Linux users in the Stable Desktop channel. This will roll out over the coming days/weeks. Google released an update yesterday explaining that it is “aware that an exploit for CVE-2023-5217 exists in the wild”, alongside a list of fixes for 2023’s other Google exploits. Labels: Chrome for iOS, Stable updates Stable Channel Update for Desktop Tuesday, DecemThe Chrome team is delighted to announce the promotion of Chrome 120 to the stable channel for Windows, Mac and Linux. These kinds of bugs can lead to systems malfunctioning and crashing, the tech giant said. The vulnerability, tracked as CVE-2023-5217, is the second of this kind of zero-day exploit this month after Google acknowledged a heap buffer overflow flaw in encoding another web code library called WebP on 12 September. This latest exploit is caused by another heap buffer overflow weakness in encoding open-source software library Libvpx. Google releases patch for fifth zero-day vulnerability this year (Photo by Uladzik Kryhin/Shutterstock) These flaws are widespread, spanning browsers and streaming sites, and appear to have been used by commercial surveillance vendors. The exploit has been given a severity rating of 10, which is the highest possible. Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 1.132 and. Google has released a patch for the second critical zero-day vulnerability of the year in its browser, Chrome.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |