San Francisco, June 10 (Ians) Google has issued a security update for the Chrome web browser to address the third zero-day vulnerability exploited by hackers this year. “Google is aware that an exploit for Cve-2023-3079 exists in the wild,” Google said in a blogpost.
The company has not released details about the exploit and how it was used in attacks, instead focusing on the severity and type of flaw.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” the company said.
According to BleepingComputer, Cve-2023-3079 is a high-severity vulnerability discovered on June 1, 2023, by Google researcher Clement Lecigne. It is a type confusion in V8, Chrome’s JavaScript engine tasked with executing code within the browser.
The company has not released details about the exploit and how it was used in attacks, instead focusing on the severity and type of flaw.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” the company said.
According to BleepingComputer, Cve-2023-3079 is a high-severity vulnerability discovered on June 1, 2023, by Google researcher Clement Lecigne. It is a type confusion in V8, Chrome’s JavaScript engine tasked with executing code within the browser.
- 6/10/2023
- by Agency News Desk
- GlamSham
New Delhi, March 17 (Ians) Google security teams have discovered 18 zero-day vulnerabilities in Samsung Exynos chips used in several top Android smartphones and wearables that may put those devices at risk.
Google’s Project Zero head Tim Willis said in a blog post that four most severe of these vulnerabilities “allowed for Internet-to-baseband remote code execution”.
Tests conducted by Project Zero confirmed that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number.
With limited additional research and development, “we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely”, said Google security researchers.
“Until security updates are available, users who wish to protect themselves from the baseband remote code execution vulnerabilities in Samsung’s Exynos chipsets can turn off...
Google’s Project Zero head Tim Willis said in a blog post that four most severe of these vulnerabilities “allowed for Internet-to-baseband remote code execution”.
Tests conducted by Project Zero confirmed that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number.
With limited additional research and development, “we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely”, said Google security researchers.
“Until security updates are available, users who wish to protect themselves from the baseband remote code execution vulnerabilities in Samsung’s Exynos chipsets can turn off...
- 3/17/2023
- by News Bureau
- GlamSham
IMDb.com, Inc. takes no responsibility for the content or accuracy of the above news articles, Tweets, or blog posts. This content is published for the entertainment of our users only. The news articles, Tweets, and blog posts do not represent IMDb's opinions nor can we guarantee that the reporting therein is completely factual. Please visit the source responsible for the item in question to report any concerns you may have regarding content or accuracy.