Google Rushes to Patch Eighth Chrome Zero-Day This Year

Industry news
Post Reply
rbc
President
Posts: 291
Joined: Mon Oct 30, 2023 1:32 am
Location: Vicksburg, MS
ISC2 Member Status: Yes
Contact:

Google Rushes to Patch Eighth Chrome Zero-Day This Year

Post by rbc »

Google on Wednesday announced emergency patches for a Chrome vulnerability that is under active exploitation. This is the eighth zero-day documented this year.

The issue, tracked as CVE-2023-7024, is described as a high-severity heap buffer overflow bug in Chrome’s WebRTC component.

Supported by major browser makers, WebRTC (Web Real-Time Communication) is an open source project that provides real-time communication via APIs.

“Google is aware that an exploit for CVE-2023-7024 exists in the wild,” the internet giant notes in an advisory. The security hole was reported on December 19, just one day before the patches came out.
[...]
Google Rushes to Patch Eighth Chrome Zero-Day This Year
Robert B. Carleton + ISC2 Central Mississippi President
Post Reply