Emergency Update to Fix Zero-day Vulnerability

Emergency Update to Fix Zero-day Vulnerability: Google on its Way to Fix


On Friday, Google rolled out emergency updates to fix a zero-day vulnerability that was being actively exploited in its Chrome web browser. This is the first such bug to be resolved since the beginning of the year. 

The high-severity flaw, tracked as CVE-2023-2033, has been identified as a type confusion issue in the V8 JavaScript engine. The discovery of the vulnerability is credited to Clement Lecigne of Google’s Threat Analysis Group (TAG), who reported it on April 11, 2023.

Source: https://nvd.nist.gov/vuln/detail/CVE-2023-2033

“Type confusion in V8 in Google Chrome before 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High).”

Google confirmed that an exploit for CVE-2023-2033 is currently being used in the wild but refrained from sharing any additional technical details or indicators of compromise (IoCs) to prevent further exploitation by malicious actors.

It is worth noting that CVE-2023-2033 bears similarities to four other type confusion flaws in V8, all of which were also actively abused and addressed by Google in 2022:

  • CVE-2022-1096
  • CVE-2022-1364
  • CVE-2022-3723
  • CVE-2022-4262

According to Google: “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on but haven’t yet fixed.”

What could be done?

All Chrome users should update their browser now to guard against these vulnerabilities, which could be exploited. In one recently reported case, the Threat Analysis Group discovered two distinct North Korean government-backed attacker groups exploiting a remote code execution vulnerability in Chrome, CVE-2022-0609. These groups’ activity has been publicly tracked as Operation Dream Job and Operation AppleJeus.

Concluding thoughts

Hackers are waiting for vulnerabilities to exploit. So if you do not want to become prey, keep your patches current, follow the updates, and install the fixes. When it comes to Google, with its research team always working for the best, we can trust that something will be done.

Author: PureVPN

Date: April 17, 2023


PureVPN is a leading VPN service provider that excels in providing easy solutions for online privacy and security. With 6000+ servers in 65+ countries, it helps consumers and businesses keep their online identities secure.
