Latest Chrome Browser Update Fixes Critical Security Flaw
Google has issued a critical security update for Chrome on macOS, Windows, and Linux that fixes a zero-day vulnerability in the browser. On Tuesday, Google in a Chrome stable channel update said it "is aware that an exploit for CVE-2023-6345 exists in the wild."
Google has not provided further details about the CVE-2023-6345 exploit, which was discovered last week by security researchers in Google's Threat Analysis Group (TAG). However, it is believed to be related to Skia, the open-source 2D graphics library in the Chrome graphics engine.
According to the notes for the macOS update 119.0.6045.199, the exploit allowed at least one attacker to "potentially perform a sandbox escape via a malicious file," which could theoretically result in arbitrary code execution and data theft.
Users who have Chrome browser set up to automatically update should not need to do anything. Anyone else is advised to manually update immediately (version 119.0.6045.199 on macOS) to avoid the risk posed by the zero-day exploit. In Chrome settings, click the About Chrome tab, and click Update Google Chrome. If there is no option to update, you are already on the latest version.
(Via Android Central.)
Popular Stories
OpenAI today launched Codex for Chrome, a Chrome extension that lets Codex work directly in the browser on Macs and PCs.
With the extension, Codex can use the browser to test web apps, get context across multiple tabs, use web DevTools, and more without taking over the browser from the user.
OpenAI says that after it launched Computer Use in the desktop Codex app, it saw that most common...
Apple recently announced that Tim Cook will be stepping down as CEO later this year, after 15 years of leading the company.
Effective September 1, Apple's hardware engineering chief John Ternus will become the company's next CEO, while Cook will become executive chairman of Apple's board of directors. In his new role, Apple said Cook will assist with "certain aspects" of the company,...
Instagram will remove end-to-end encryption for direct messages between users from May 8, 2026. When the date comes around, Meta will potentially be able to see the contents of all messages between users on the social media platform.
Encrypting messages has been an optional feature in Instagram since 2023, but in March of this year the social media platform quietly updated a help page to say ...
