Google just released an emergency update for Chrome. In a new blog post, Google confirmed the discovery of the Zero Day vulnerability and it impacts Chrome on Windows, Mac and Linux. Google also confirmed it is aware that an exploit exists in the wild.
The vulnerability, CVE-2023-2033, stems from a “Type Confusion in V8.” This occurs when a program uses one method to allocate or initialize a resource, but an incompatible method then accesses that resource, potentially providing unsecured access to the browser’s memory.
What You Should Do
A patch now exists and you need to update Chrome immediately to get it. To do this, click the overflow menu bar (three vertical dots) in the browser’s top right corner, then Help > About Google Chrome. This will force Chrome to check for browser updates, you should be updated to version 112.0.5615.121. Once the update is complete, you must restart the browser to be fully protected.
The update version 112.0.5615.121 addressing CVE-2023-2033 is currently available for Chrome users in the Stable Desktop channel and will roll out to all users over several days and weeks. The update is compatible with Windows, Mac, and Linux systems.
Have additional questions? Contact a member of the BMT team.