Google has released an urgent security update for its Chrome web browser on Windows, Linux, Mac, and Android platforms. This update specifically targets a zero-day vulnerability, identified as CVE-2023-3079.

Security Risks

Successful exploitation of the identified vulnerabilities in Google Chrome, prior to version 114.0.5735.110, could potentially enable remote attackers to corrupt a system. This can be accomplished by utilizing a specially crafted webpage. Such manipulation grants attackers the ability to execute arbitrary code, potentially leading to system compromise. It is crucial to promptly address this vulnerability to minimize the risk of remote attacks, safeguard against unauthorized access, and prevent data breaches.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends users and system administrators to:

1. Upgrade, as soon as possible, to the latest supported version of installed software in order to continue receiving technical support and security patches.

The released software versions to upgrade to are:

• Chrome 114.0.5735.110 for Windows

• Chrome 114.0.5735.106 for Mac and Linux

• Chrome 114 (114.0.5735.60/.61) for Android

• Chrome Stable 114 (114.0.5735.99) for iOS

2. Before performing any update tasks, ensure that you have a backup of your data.

For further information and support, please contact the National Cyber Security Authority (NCSA) by email to rwcsirt@ncsa.gov.rw or call us on 9009

References

Chrome Releases

nvd.nist.gov/vuln/detail/CVE-2023-3079