Google has recently identified a significant “zero-day” security vulnerability in the Chrome browser, marked as ‘CVE-2023-7024’.
Researchers from Google’s Threat Analysis Group were responsible for uncovering this flaw. They revealed that exploiting this vulnerability makes it possible to cache various programs by circumventing the security measures within the WebRTC framework of the Chrome browser.
With the fixing of the new vulnerability feature, Google has added in a blog post, “The Extended Stable channel has been updated to 120.0.6099.129 for Mac and 120.0.6099.130 for Windows, which will roll out over the coming days/weeks.”
The exploit opens the door for potential large-scale cyber attacks conducted remotely by injecting counterfeit code.
In response to the discovery of this zero-day security flaw, Google promptly executed a security update for the Chrome browser.
Users are strongly advised to adopt version 120.0.6099.129/130 for Windows and 120.0.6099.129 for Mac and Linux, as older versions still harbour security vulnerabilities.
Zero-day vulnerabilities are software weaknesses that organizations address by rapidly releasing security patches.
When hackers exploit a flaw before the patch is deployed, it is termed a zero-day vulnerability.
Google refrained from providing detailed information about this error until after the implementation of the Chrome security update.