Google has distributed critical security updates addressing seven vulnerabilities in its Chrome browser, one of which is a high-severity zero-day exploit currently being weaponized in the wild.
This vulnerability, identified as CVE-2023-6345, is classified as an integer overflow flaw within Skia, an open-source 2D graphics library frequently utilized in web applications. Effective mitigation is essential given its active exploitation status.
The discovery and reporting of this flaw are credited to Google’s Threat Analysis Group members, Benoît Sevens and Clément Lecigne, who identified the issue on November 24, 2023. Google confirmed the existence of real-world exploitation for CVE-2023-6345, yet refrained from sharing extensive details regarding the nature of these attacks or the potential threat actors involved.
It is notable that Google previously issued patches for a similar integer overflow vulnerability in Skia, designated as CVE-2023-2136, in April 2023. This increases concerns that CVE-2023-6345 may represent a bypass of earlier security measures.
CVE-2023-2136 reportedly allowed remote attackers to escape sandbox restrictions via a specially crafted HTML page, demonstrating the potential severity of similar vulnerabilities that remain unaddressed. Given these circumstances, browser security remains an ongoing challenge.
Since the beginning of the year, Google has addressed a total of seven zero-day vulnerabilities within Chrome, underscoring the urgent need for updates and ongoing vigilance against emerging threats. A variety of vulnerabilities have been patched, including those related to type confusion and heap buffer overflows, each with varying levels of severity.
To safeguard their systems, users are strongly advised to update to Chrome version 119.0.6045.199/.200 for Windows or 119.0.6045.199 for macOS and Linux. It is equally critical for users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi to apply the relevant updates as they become available, in order to defend against potential compromises.
This situation exemplifies the importance of maintaining a proactive security posture, particularly in light of vulnerabilities that could facilitate tactics such as initial access, privilege escalation, or sandbox escape, as outlined in the MITRE ATT&CK framework. Identifying and responding to these vulnerabilities swiftly can significantly mitigate the risks posed to users and organizations alike.
(This article was updated after publication to include the latest information regarding the ongoing exploitation of CVE-2023-4762.)
