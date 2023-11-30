Title: Google Discovers Critical Security Flaw in Chrome; Urges Users to Update Immediately

Subtitle: Exploit poses a severe risk of data extraction and system compromise

In a recent development, Google has revealed the presence of a security flaw in Chrome that affects users of Mac, Windows, and Linux. The flaw, rated as highly severe by the US government, has the potential to facilitate data extraction and compromise user systems. Google has urged all Chrome users to update immediately in order to safeguard their sensitive information.

Confirming the seriousness of the situation, Google disclosed that at least one real-life case of the exploit being used by malicious attackers has already been discovered. The bug, known as CVE-2023-6345, is an integer overflow weakness that targets Skia, the Chrome graphics engine.

The exploit can allow attackers to bypass security measures and escape the so-called “sandbox,” a mechanism that typically separates the browser from the rest of the operating system. Once outside the sandbox, attackers can easily infect systems and gain unauthorized access to user data.

While the bug was only discovered last week, it is already being actively exploited by cybercriminals. To prevent further attacks, Google has deliberately withheld specific details about the exploit. This decision aims to buy time for the development of a comprehensive fix that will address the vulnerability’s multiple angles of attack.

Fortunately, users who have enabled automatic updates for Chrome may already have received the necessary fix. However, those who rely on non-automatic updates are strongly advised to manually update their browsers to the latest version, specifically version 119.0.6045.199 for Mac and Linux, and version 119.0.6045.199/.200 for Windows. Chrome users using these versions or later are expected to be protected from this vulnerability.

Google has assured users that the fix will be rolled out progressively over the coming days and weeks, allowing ample time for all users to update their browsers. The company remains committed to the ongoing security of its users and encourages everyone to remain vigilant and take appropriate action to protect themselves from potential cyber threats.

In light of this discovery, it is critical for Chrome users to proactively update their browsers to protect against the potential extraction of their personal data. By keeping their browsers up to date, users can ensure a safer online experience and maintain the confidentiality of their sensitive information.

