Page 1 of 1

Google Rushes to Patch Eighth Chrome Zero-Day This Year

Posted: Thu Dec 21, 2023 6:48 pm
by rbc
Google on Wednesday announced emergency patches for a Chrome vulnerability that is under active exploitation. This is the eighth zero-day documented this year.

The issue, tracked as CVE-2023-7024, is described as a high-severity heap buffer overflow bug in Chrome’s WebRTC component.

Supported by major browser makers, WebRTC (Web Real-Time Communication) is an open source project that provides real-time communication via APIs.

“Google is aware that an exploit for CVE-2023-7024 exists in the wild,” the internet giant notes in an advisory. The security hole was reported on December 19, just one day before the patches came out.
[...]
Google Rushes to Patch Eighth Chrome Zero-Day This Year