It's the second such incident in this month alone, after Google was forced to issue a Chrome update consisting of multiple emergency security updates for several reported zero-day vulnerabilities just a few days ago. The update is available now for Google Chrome users on Windows, Mac, and Linux users, who can download it in the Stable Desktop channel. "We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed." Bundle The Bundle download includes the Chrome MSI installer, ADM/ADMX templates with 300+ user and device policies, Legacy Browser Support Native Host and manageable automatic updates. "Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google's security advisory added. Download Chrome browser for Windows devices in your business by choosing between our stable or beta Bundle and MSI options. The company confirmed CVE-2023-5217 has been exploited and used in cyberattacks, but did not share further information regarding these incidents. Tracked as CVE-2023-5217, the high-severity vulnerability has been described as a heap-based buffer overflow in the VP8 compression format in libvpx, a free software video codec library from Google and the Alliance for Open Media (AOMedia). iOS customers are also treated to a new version of Chrome this week packing. Google on Wednesday rolled out fixes to address a new actively exploited zero-day in the Chrome browser. The flaw, which is ranked as high-severity, was reported by Google Threat Analysis Group (TAG) security researcher Clément Lecigne. install spyware on devices running vulnerable versions of Chrome.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |