April 15, 2023Rabbi LakshmananZero-day / browser security

On Friday, Google released an out-of-band update to resolve an actively exploited zero-day vulnerability in its Chrome web browser.

tracked as CVE-2023-2033high-severity vulnerabilities are type confusion problem With the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group (TAG) reported this issue on April 11, 2023.

“Type confusion in V8 of Google Chrome prior to 112.0.5615.121 could allow a remote attacker to exploit heap corruption via a crafted HTML page.” according to To NIST’s National Vulnerability Database (NVD).

technology giant Admitted It states that “exploits for CVE-2023-2033 do exist,” but did not go so far as to share additional technical details or indicators of compromise (IoCs) to prevent further exploitation by threat actors. bottom.

CVE-2023-2033 also appears similar to CVE-2022-1096, CVE-2022-1364, CVE-2022-3723, and CVE-2022-4262. This is another of his four type confusion flaws actively exploited in V8 and fixed by Google. 2022.

upcoming webinars

Master the Art of Dark Web Intelligence Gathering

Learn the art of extracting threat intelligence from the dark web – join us for this expert-led webinar!

Save my seat!

Google ended a total of nine zero days in Chrome last year. The development is expected in 2021 by Citizen Lab and Microsoft to expose the exploitation of a now-patched flaw in Apple iOS by a customer of a shadowy spyware vendor named QuaDream, to expose journalists, opposition figures, and NGOs. This comes just days after it revealed in 2021 that it had targeted workers in

We recommend upgrading to version 112.0.5615.121 for Windows, macOS, and Linux to mitigate potential threats. Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also encouraged to apply the fix as it becomes available.

Did you find this article interesting?Please follow us twitter and LinkedIn To read more exclusive content that we post.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog