This past Tuesday, Google sent out a new security update to fix a flaw that’s recently been discovered. The update is for Chrome browsers on Macs, as well as Windows and Linux. It’s the sixth time this year that Chrome has had an actively exploited vulnerability, according to Android Central.
At the moment, there’s not a lot known about the current zero-day vulnerability threat, since Google hasn’t released further details about the threat. However, the security vulnerability has been tracked by the National Vulnerability Database as CVE-2023-6345 since November 24 and has categorized the Chromium security severity as “High.” But there has been no information regarding how long the flaw might have allowed systems to remain vulnerable before it was addressed in late November.
It also stated that this "vulnerability is currently undergoing analysis and not all information is available." It advised readers also to check back soon to view the completed vulnerability summary.
How long did the zero-day security flaw allow systems to remain vulnerable?
According to Google's Stable Channel release notes about the threat, "Google is aware that an exploit for CVE-2023-6345 exists in the wild." The release notes also state that the "Stable channel has been updated to 119.0.6045.199 for Mac and Linux and 119.0.6045.199/.200 for Windows, which will roll out over the coming days/weeks."
Although there isn't a lot of detail about the vulnerability, Android Central said what is clear is that it's "related to Google's Skia graphics library. Skia is open-source and is used in Chrome, among other Google apps and software, like ChromeOS." The article also indicated that an integer overflow error, "within Skia in Chrome could allow remote hackers to do a sandbox escape with a malicious file, making the execution of arbitrary code possible."
What's also unclear is the severity of the flaw. But for now, what's certain is that you’ll want to make sure that your Google Chrome browser is updated and patched to avoid having a security flaw that might leave your system vulnerable to attack.
More from iMore
Master your iPhone in minutes
iMore offers spot-on advice and guidance from our team of experts, with decades of Apple device experience to lean on. Learn more with iMore!
Terry Sullivan has tested and reported on many different types of consumer electronics and technology services, including cameras, action cams, mobile devices, streaming music services, wireless speakers, headphones, smart-home devices, and mobile apps. He has also written extensively on various trends in the worlds of technology, multimedia, and the arts. For more than 10 years, his articles and blog posts have appeared in a variety of publications and websites, including The New York Times, Consumer Reports, PCMag, Worth magazine, Popular Science, Tom’s Guide, and Artnews. He is also a musician, photographer, artist, and teacher.