Google on Wednesday announced emergency patches for a Chrome vulnerability that is under active exploitation. This is the eighth zero-day documented this year.
The issue, tracked as CVE-2023-7024, is described as a high-severity heap buffer overflow bug in Chrome’s WebRTC component.
Supported by major browser makers, WebRTC (Web Real-Time Communication) is an open source project that provides real-time communication via APIs.
“Google is aware that an exploit for CVE-2023-7024 exists in the wild,” the internet giant notes in an advisory. The security hole was reported on December 19, just one day before the patches came out.
[...]
Google Rushes to Patch Eighth Chrome Zero-Day This Year
Google Rushes to Patch Eighth Chrome Zero-Day This Year
-
rbc
- President
- Posts: 273
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
Google Rushes to Patch Eighth Chrome Zero-Day This Year
Robert B. Carleton + ISC2 Central Mississippi President