[ad_1]
Hey Chrome, are you feeling okay? As a result of that is the second time in simply 5 days that you simply’ve been patched for a zero-day vulnerability. Final Friday Google launched a patch that mounted a problem within the browser’s JavaScript engine, however at this time’s bug is within the Skia graphics library. Chrome customers on Home windows and Mac can obtain and apply the replace proper now, whereas Linux and different platforms ought to see the replace within the subsequent few days.
Resist the urge to push that replace again, as a result of this isn’t one thing that you must ignore. Like final week’s bug, it’s being actively exploited “within the wild,” in keeping with Google’s publish on the Chrome Releases web page. (by way of Bleeping Pc). In contrast to the opposite safety bugs mounted on this replace, which have been reported by members of the Vulnerability Analysis Institute and paid out in $20,000 of whole bug bounties, the crucial flaw was found by Clément Lecigne of Google’s Menace Evaluation Group.
It’s been precisely one week for the reason that CVE-2023-2136 bug was recognized, which is a reasonably good turnaround for an organization that’s bigger in greenback phrases than a number of nations. Particulars on precisely how the bug is being exploited aren’t out there — presumably Google doesn’t need anybody else becoming a member of in on no matter they’ve seen occurring within the wild.
[ad_2]
Source link