On Friday Google released an emergency security update for a zero-day vulnerability in its popular Chrome desktop browser that it reported is being actively exploited. The flaw impacts Windows, macOS and Linux versions of the Google Chrome desktop browser prior to build version 112.0.5615.121.
“Google is aware that an exploit for CVE-2023-2033 exists in the wild,” Google explained.
There are few additional details regarding the bug, as specifics are “kept restricted until a majority of users are updated with a fix.”
The Friday patch update included a second security fix, however no CVE was provided for the second bug. Clément Lecigne of Google's Threat Analysis Group is credited for identifying the vulnerability (CVE-2023-2033), first spotted on April, 11.