Google releases emergency update to patch Chrome vulnerability
In its statement, Google said the vulnerability, tracked as CVE-2023-4863, is a heap buffer overflow in the WebP image format.
To put it into perspective, a heap buffer overflow occurs when a program writes more data to a heap-allocated buffer than the buffer was sized to hold, so the excess overwrites adjacent memory. Under certain circumstances, this vulnerability could allow attackers to execute arbitrary code, meaning they could run code of their choosing on the affected system.
Google credits Apple Security Engineering and Architecture (SEAR) and Citizen Lab at the University of Toronto for discovering and reporting the vulnerability on September 6, 2023. However, Google has refrained from disclosing details about the bug, and has not provided information on how attackers could exploit the vulnerability.
Chrome users are encouraged to update their web browsers to the latest versions: Chrome 116.0.5845.187 for Mac and Linux and Chrome 116.0.5845.187/.188 for Windows. These versions address CVE-2023-4863.
The update is currently rolling out to users in the Stable and Extended Stable channels and will reach everyone in the coming days or weeks. It is available to download when users check for new updates on their Windows PC through the Chrome > Help > About Chrome menu.
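For administrators who need to confirm the rollout across many machines, the following added example (not from the original article or from Google) classifies collected Chrome version strings against the fixed build. It assumes 116.0.5845.187 as the minimum fixed build on every platform, and the host names and version outputs in the inventory are constructed sample data.

```python
import re

# Minimum fixed build for CVE-2023-4863 as listed in the article.
# Assumption: the same floor is applied to every platform.
PATCHED = (116, 0, 5845, 187)

# Chrome versions always have four numeric components.
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Extract a four-part version from free text such as `--version` output."""
    match = VERSION_RE.search(text)
    return tuple(int(part) for part in match.groups()) if match else None


def classify(text):
    """Return 'patched', 'vulnerable', or 'unknown' for one version string."""
    version = parse_version(text)
    if version is None:
        return "unknown"  # no parsable version: needs manual follow-up
    # Tuples compare numerically component by component. Comparing the raw
    # strings would rank build "96" above "187" and miss that host.
    return "patched" if version >= PATCHED else "vulnerable"


def audit(inventory):
    """Group hosts by patch status."""
    report = {"patched": [], "vulnerable": [], "unknown": []}
    for host, output in inventory:
        report[classify(output)].append(host)
    return report


# Constructed inventory: (host, collected version output).
INVENTORY = [
    ("ws-001", "Google Chrome 116.0.5845.187 "),
    ("ws-002", "Google Chrome 116.0.5845.96"),
    ("ws-003", "Google Chrome 115.0.5790.170"),
    ("ws-004", "Google Chrome 117.0.5938.62"),
    ("ws-005", "chrome: command not found"),
]

if __name__ == "__main__":
    for status, hosts in audit(INVENTORY).items():
        print(f"{status:10} {', '.join(hosts) or '-'}")
```

Hosts reported as `unknown` returned no parsable version and should be checked by hand rather than assumed safe.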
The latest vulnerability emerged after Google announced in August that it would release weekly security updates to users of Chrome's Stable channel. The company said it will quickly resolve and issue an unscheduled patch for Chrome if it detects a security vulnerability that is being widely exploited.