The program can request blocks of memory for its use within the heap. The heap is an area of memory made available use by the program. In software exploit code, two common areas that are targeted for overflows are the stack and the heap. The zero-day patched in this update is listed as:ĬVE-2023-4863: a heap buffer overflow in WebP, also described as a vulnerability that resides in the WebP image format which could lead to arbitrary code execution or a crash.Ī buffer overflow is a type of software vulnerability that exists when an area of memory within a software application reaches its address boundary and writes into an adjacent memory region. The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. However, from the update page we can learn a few things. Access to bug details and links may be kept restricted until a majority of users are updated with a fix. Google never gives out a lot of information about vulnerabilities, for obvious reasons. Then all you have to do is relaunch the browser in order for the update to complete.Īfter the update, the version should be 1.187 for Mac and Linux, and 1.187/.188 for Windows, or later. If there is an update available, Chrome will notify you and start downloading it. My preferred method is to have Chrome open the page chrome://settings/help which you can also find by clicking Settings > About Chrome. And now would be a good time, given the severity of the vulnerabilities in this batch. So, it doesn’t hurt to check now and then. But you can end up lagging behind if you never close the browser or if something goes wrong-such as an extension stopping you from updating the browser. The easiest way to update Chrome is to allow it to update automatically, which basically uses the same method as outlined below but does not require your attention. If you’re a Chrome user on Windows, Mac, or Linux, you should update as soon as possible. There is an active exploit for the patched vulnerability, according to Google, which means cybercriminals are aware of the vulnerability and are using it. Google has released an update for Chrome Desktop which includes one critical security fix.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |