Google releases an emergency update to fix a security bug: Chrome, Edge, and all other Chromium browsers are at risk.
In Google Chrome, Microsoft Edge and all other Chromium-based browsers (most of those on the market), a dangerous security bug risks user data. It is a ” zero-day ” type vulnerability, i.e. not identified by the developers when the application code was written and which does not give them even a day: it must be resolved immediately.
The vulnerability has already been identified by hackers, so much so that Google claims it has even been exploited to carry out attacks. The good news is that there’s already an update for Chrome, Edge, and other browsers that keeps computers safe. But it must be installed if needed manually.
Chrome: The CVE-2023-2033 Bug
The bug in question has been classified as CVE-2023-2033, and, strangely (but not too much), Google has yet to release practically any information about it. Of the bugs, there is not even the classic ” score “, which indicates how dangerous it is, from 1 to 10.
When large companies say there is a bug but do not provide further details, it usually means that the bug is serious, and any detail could favor the work of those who want to exploit it for criminal purposes.
Indeed, the fact that Google has urgently released a security patch outside of the classic Chrome update schedule tells us that, for sure, this is no small bug.
We know that it is a vulnerability related to the V8 JavaScript engine and is common to all versions of Chrome for computers: Windows, Linux and macOS. However, the smartphone versions seem like they need to be more interesting.
We also know that the vulnerability also affects Edge, as Microsoft confirmed by releasing a specific patch to download and install as soon as possible.
In any case, it would be a type of confusion vulnerability. These vulnerabilities, as Italian cybersecurity firm Cyberment explains, make it possible to:
- Access memory spaces without authorization
- Cause browser crashes
- Execute arbitrary code on compromised devices
In practice, exploiting the CVE-2023-2033 vulnerability makes it possible to crash a computer with Chrome (Edge or one of the other browsers) or, even worse, to run applications secretly. So also install malware of various types to spy on the user, steal his data, attack his bank account, etc.
How To Update Chrome And Edge
The update that fixes the CVE-2023-2033 bug and secures PCs is available now. To install it, open the browser’s main menu (the one at the top right, with the three vertical dots) and go to Settings> About Chrome (or About Edge).
Here we will find the currently installed version number and a button to search, download and install all available updates.