Update Google Chrome to Protect your Business from this Zero Day Threat
Google’s Chrome browser, used by over three billion users worldwide, recently encountered its first Zero-Day exploit of the year. In response, Google has issued an urgent update to address the discovered vulnerability, CVE-2023-2033, which affects Chrome on Windows, Mac, and Linux platforms. The exploit, identified as a “Type Confusion in V8,” occurs when an incompatible method accesses a resource initialised by a different method, potentially exposing the browser’s memory to unauthorised access. The vulnerability was discovered by Google’s Threat Analysis Group, but unfortunately, a patch was not developed before the first exploits began.
To protect your browser, it is crucial to update Chrome immediately. To do so, click the overflow menu bar (three vertical dots) in the browser’s top right corner, then navigate to Help > About Google Chrome. This action will force Chrome to check for browser updates. After the update is complete, be sure to restart the browser to ensure full protection. Google has made significant progress in patching Chrome vulnerabilities this year, as evidenced by the fact that it took until April for the first Zero-Day exploit to emerge. In comparison, Chrome experienced 15 Zero-Day exploits in 2021 and nine in 2022.
Google’s success in reducing vulnerabilities can be attributed to its robust reporting system and high bounties paid for the discovery of security issues, incentivising researchers to disclose their findings to Google rather than hackers. In 2022, Google paid over $12 million in bug bounties, including a record single bounty of $605,000 for a critical exploit. Despite this progress, Chrome’s dominance in the browser market means it remains a prime target for attackers. Google warned in March 2022 that Zero-Day attacks would likely continue to rise, so users must stay vigilant and promptly apply updates to ensure the security of their browsing experience.
To ensure that your business machines are protected from Zero Day Threats such as this one, ensure that you are protected with Endpoint Detection & Response, One2Call’s EDR solution uses artifical inteligence to proactivly monitor your endpoints for unusual or malicious activity to prevent them from being targeted by previously unknown threats. Click the link below to find out more about Endpoint Detection & Response, or contact us to discuss your business Cyber Security.
Latest News Stories
OpenSSL releases update to address Vulnerabilities
The OpenSSL project has released version 3.0.7, a security update for two vulnerabilities in OpenSSL 3.0.x. These vulnerabilities, CVE-2022-3786 and CVE-2022-3602, affect version 3.0.x and do not impact OpenSSL 1.1.1 or LibreSSL. Organizations are urged to ensure that...
UEFI Cyber Security Vulnerability
On Wednesday, March 1st, 2023, researchers announced the discovery of the first real-world malware that can hijack a computer's boot process even when advanced protections, such as Secure Boot, are enabled and running on fully updated versions of Windows. Dubbed...
How can you modernise your Business Security?
When it comes to business buildings, they often have a large footfall, so protecting and securing your building is vital. Moving away from the old-fashioned methods of building access is the way to take control of security at the points of access. One2Call’s access...
Our Customers
Testimonials
Danielle, Tremark Associates Ltd
Jordan dealt with both my issues quickly and were both sorted within the hour.
Annette, Logo Leisurewear
Happy with excellent service by Pawel and Adam getting my new PC just as I need it to be set up. Thanks.
Pat Nash, Invma
Responsive support, friendly service, knowledgeable/competent engineers.