Update Chrome ASAP! Critical security issue exploited in the wild
Chromeusers are encouraged to update the stable version of the web browser to the new version immediately to protect the browser against potential attacks.
This is done easily on desktop systems: just load chrome://settings/help in the browser’s address bar and wait for Chrometo find and download the security update. The page displays the installed version as well, which should be the following after the installation of the update:
Chromeon Linux or Mac systems: 116.0.5845.187
Chromeon Windows devices: 116.0.5845.187 or 116.0.5845.188
Chrome ExtendedStable for Mac: 116.0.5845.187
Chrome ExtendedStable for Windows: 116.0.5845.188
The critical security issue
WebP is an image format that "provides superior lossless and lossy compression for images on the web" according to Google. Google notes further that WebP images are on average 26% smaller in size compared to PNG images, and between 25% and 34% smaller than JPEG images.
WebP is a common image format on the Internet. While Googleoffers no additional details on the vulnerability, it does warn users that the issue is exploited in the wild already. It is possible that the issue could be exploited by merely opening a website with specially crafted WebP images in Chrome is enough, but that is speculation at this point.
The security issue, CVE-2023-4863, is the fourth
0-dayvulnerability that Google patched in Google Chrome in 2023 . The previously fixed 0-day security issues were:
Google Chromeusers should update the web browser immediately to patch the issue and protect the web browser against exploits. It is unclear if other Chromium -based browsers are also affected by the issue, but it seems likely. Watch out for security update notifications for Microsoft Edge, Brave , Vivaldi or Opera , if these browsers are used.
Summary Article Name Update Chrome ASAP! Critical security issue exploited in the wild Description Googlereleased an emergency security update for its Chrome web browser that addresses a critical security issue that is exploited in the wild. Author Martin Brinkmann Publisher Ghacks Technology News Logo