Web browsers, and especially Google Chrome for its huge share of users, are a priority target for many cybercriminals. Some time ago, while talking to a cybersecurity expert, he told me that the fact that web browsers are the focus of many security alerts should not be interpreted in terms of being worse developed than other types of applications (in fact, security is an aspect in which the focus is actively placed on its development), but because they are the target of a large majority of attacks, as well as investigations carried out by experts.
This is interesting, and reminds me of the days when Apple computer users bragged that they didn’t need security solutions because there were no threats thanks to Mac OS security. The reality was that, by user fee, it was more “profitable” to attack Windows, but as Macs began to grow in popularity, it quickly became clear that their operating system was not shielded against threats.
Thus, with so many guns pointing from different angles at the same target, It is inevitable that from time to time there will be a hit, that is, that a new security problem is identified. As I have already commented on more than one occasion, the objective and what we must pay attention to is the speed of response from the developers, in this case those responsible for Google Chrome, to publish an update that fixes said problem.
Well, once again we find ourselves in precisely that situation. As we can read in the browser updates blog, A vulnerability has been identified in Google Chrome and an update has been released to fix it.. The problem has been assigned the identifier CVE-2023-3079 and, as reported by the company itself, its use has been detected in the wildwhich is the term used by the Anglo-Saxons to refer to the fact that evidence has already been found that it has been used on the Internet.
Thus, Google Chrome users must update their browser to version 114.0.5735.110 if they use it in Windowsor to the 114.0.5735.106 in case your operating system is macOS or Linux. As is common (and logical) Google has given some indications about the vulnerability, indicating that it is a type confusion error (just like CVE-2023-2033), but it has not been more specific to prevent cybercriminals from can infer how to exploit it, thus further compromising the security of users.
Unlike CVE-2023-2033, which was rated critical, CVE-2023-3079 assigns it the rank of “High”, one notch below the previous one. In other words, it is potentially not so dangerous, but still we must protect ourselves from it as a priority. So once again our recommendation is that you update Google Chrome immediately. And if you’re still not sure how to do it, here we give you all the instructions so you can do it in less than a minute.
