CVE-2023-5186: A ‘Use after free in Passwords’ vulnerability. The credit for discovering this issue goes to Clément Lecigne from Google’s Threat Analysis Group, who detected and reported it on September 25, 2023.Īlong with the zero-day vulnerability, Google also addressed two other high-severity vulnerabilities in this update:ġ. “ Google is aware that an exploit for CVE-2023-5217 exists in the wild,” the tech giant wrote. To decode that for non-techies: think of it as a flaw that could allow hackers to take unexpected actions that the software doesn’t intend, potentially compromising the user’s system. This particular vulnerability arises from a heap buffer overflow in the vp8 encoding found in libvpx. In the realm of cyber threats, a “zero-day” refers to a vulnerability unknown to those who should be interested in its mitigation (like the software vendor), until it starts becoming actively exploited by hackers. Google recently revealed in a security advisory that a zero-day vulnerability, designated as CVE-2023-5217, is being actively exploited. Here’s everything you need to know about this vulnerability and how you can protect yourself. In the ever-evolving world of internet security, a new threat has emerged, prompting Google to release emergency updates for its renowned browser, Chrome.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |