Google has released emergency security updates to address a zero-day vulnerability in Chrome that has been actively exploited in attacks in the wild. The vulnerability, tracked as CVE-2023-4863, is a critical heap buffer overflow that resides in the WebP image format. This could allow an attacker to execute arbitrary code on a victim’s computer if they were tricked into opening a malicious WebP image.
Google is aware that an exploit for this vulnerability exists in the wild, but they have not yet released any details about how it is being exploited. They are urging all Chrome users to update to the latest version as soon as possible to protect themselves from this vulnerability.
To update Chrome, follow these steps:
- On Windows, open the Start menu and search for “Chrome.”
- Click on the Chrome icon to open the browser.
- Click on the three dots in the top right corner of the window.
- Select “Help” > “About Google Chrome.”
- Chrome will check for updates and install them automatically.
If you are using a Mac, open the Finder and locate the Chrome app.
- Right-click on the Chrome app and select “Get Info.”
- In the General tab, look for the version number.
- If the version number is lower than 116.0.5845.187, you need to update Chrome.
To update Chrome on a Linux computer, open a terminal window and type the following command:
sudo apt update sudo apt install chrome
Once Chrome has been updated, you should be protected from this vulnerability.
Here are some additional tips to help protect yourself from cyberattacks:
- Keep your operating system and apps up to date.
- Use a strong password manager to store all of your passwords.
- Enable two-factor authentication for all of your online accounts.
- Be careful about what websites you visit and what information you enter on them.
- If you think that your computer has been compromised, change all of your passwords immediately.
By following these tips, you can help to protect yourself from cyberattacks.