Google has recently taken prompt security measures by releasing a security update for its Chrome web browser, aiming to fix the third zero-day vulnerability of this year that hackers have exploited.
The third Chrome zero-day vulnerability that was fixed recently by Google has been tracked as “CVE-2023-3079.”
Exploitation of Zero-day
Detailed information regarding the exploit and its application in attacks has not been disclosed by the company, with the focus limited to highlighting the severity of the flaw and its classification.
In the event of discovering a new security flaw, Google always follows its traditional protocol of not disclosing any technical information or data related to the flaw.
This action aims to ensure users’ protection until a significant portion of them have successfully migrated to the secure version.
Not only that even this approach also restricts malicious actors from exploiting the disclosed information to create additional exploits.
Google’s researcher, Clément Lecigne, uncovered CVE-2023-3079 on June 1, 2023, marking it as a high-severity vulnerability.
This flaw resides in V8, Chrome’s JavaScript engine that is responsible for the interpretation and execution of code in the browser.
Type confusion bugs occur when the engine incorrectly identifies the object’s type at runtime, which can result in dangerous manipulation of memory and the execution of arbitrary code.
Top comments (0)