Newsnews
Cybersecurity News

Google Quickly Fixes Zero-Day Exploited By Spyware Vendor

Written by: Lucky Stith | Published: 29 September 2023 | Modified: 1 December 2023
google-quickly-fixes-zero-day-exploited-by-spyware-vendor
Cybersecurity

Google has taken swift action to fix a zero-day vulnerability in its Chrome browser that was being exploited by a commercial spyware vendor. The vulnerability, known as CVE-2023-5217, was reported to Google’s Chrome team by Clement Lecigne of the Threat Analysis Group just two days before the patch was released. Google confirmed that the exploit was being used in the wild.

Key Takeaway

A zero-day vulnerability in Google Chrome, exploited by a commercial spyware vendor, has been promptly patched by Google. The vulnerability allowed the installation of malicious software and its specific details remain undisclosed.

Details of the Zero-Day Exploit

The zero-day vulnerability, described as a “heap buffer overflow in vp8 encoding in libvpx,” allowed the spyware vendor to install malicious software on victims’ systems. The specific details of the attacks exploiting the vulnerability were not disclosed in Google’s advisory. The company stated that access to bug details and links would be restricted until a majority of users had updated with the fix.

Rollout of the Patch

The vulnerability has been fixed in the latest version of Google Chrome, version 117.0.5938.132. The patch is currently being rolled out to Windows, Mac, and Linux users in the Stable Desktop channel.

Previous Zero-Day Exploits

This emergency patch for Google Chrome comes shortly after Google fixed another zero-day vulnerability, which was initially misidentified as a Chrome vulnerability but was later assigned to the open-source libwebp library. This vulnerability affected popular apps such as 1Password, Firefox, Microsoft Edge, Safari, and Signal. Additionally, Apple recently patched three zero-days that were used to exploit an Egyptian presidential candidate’s phone with the Predator spyware developed by Cytrox, another commercial spyware vendor.

Google’s swift action in fixing these vulnerabilities demonstrates their commitment to user security and highlights the continuous cat-and-mouse game between cybercriminals and technology companies. It also emphasizes the importance of regularly updating software to ensure protection against the latest threats.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Related Posts

Microsoft Remains Silent On Exploitation Of Zero-Day Vulnerabilities
News

Microsoft Remains Silent On Exploitation Of Zero-Day Vulnerabilities

by Joscelin Harder | 5 October 2023
Apple Releases Security Updates To Fix Actively Exploited Zero-Day Vulnerabilities
News

Apple Releases Security Updates To Fix Actively Exploited Zero-Day Vulnerabilities

by Raye Loving | 2 December 2023
New Apple Security Updates Patch Zero-Day Vulnerabilities
News

New Apple Security Updates Patch Zero-Day Vulnerabilities

by Dode Roden | 23 September 2023
What Is The Correct Definition Of A Cybersecurity Exploit?
TECHNOLOGY

What Is The Correct Definition Of A Cybersecurity Exploit?

by Devora Gorski | 12 September 2023
What Is Cybersecurity?
TECHNOLOGY

What Is Cybersecurity?

by Lorri Hinman | 12 September 2023
New Critical Atlassian Zero-Day Exploited By State-Backed Hackers, Microsoft Says
News

New Critical Atlassian Zero-Day Exploited By State-Backed Hackers, Microsoft Says

by Malanie Walls | 12 October 2023
What Are Some Of The Shortcomings Of Antivirus Software Today? Check All That Apply.
TECHNOLOGY

What Are Some Of The Shortcomings Of Antivirus Software Today? Check All That Apply.

by Shina Thies | 11 September 2023
How Many Cybersecurity Attacks Per Day
TECHNOLOGY

How Many Cybersecurity Attacks Per Day

by La Verne Haun | 12 September 2023

Recent Stories

How to Create Videos From Text Advanced Software and Online Tool
TECHNOLOGY

How to Create Videos From Text Advanced Software and Online Tool

by Lucky Stith | 5 November 2024
How Text Animation Can Boost Your Content and Creativity
Content Creation Tools

How Text Animation Can Boost Your Content and Creativity

by Lucky Stith | 28 October 2024
5 Ways to Free Convert FLAC to MP3 on PC
TECHNOLOGY

5 Ways to Free Convert FLAC to MP3 on PC

by Lucky Stith | 24 October 2024
Behind the Scenes of Artificial Intelligence: Leading IT Expert in the Middle East Ali Kamran on the Secrets of Machine Learning
News

Behind the Scenes of Artificial Intelligence: Leading IT Expert in the Middle East Ali Kamran on the Secrets of Machine Learning

by Lucky Stith | 9 October 2024
What is the Best Color Palette for YouTube Videos?
TECHNOLOGY

What is the Best Color Palette for YouTube Videos?

by Lucky Stith | 28 September 2024
Hyperbaric Oxygen Therapy: Revolutionizing Treatment for Various Conditions
TECHNOLOGY

Hyperbaric Oxygen Therapy: Revolutionizing Treatment for Various Conditions

by Lucky Stith | 19 September 2024
12 Best Free AI Image Sharpeners in 2024 (Web/PC/Mobile)
TECHNOLOGY

12 Best Free AI Image Sharpeners in 2024 (Web/PC/Mobile)

by Lucky Stith | 29 August 2024
Sanjuksha Nirgude Soaring High with Robotics
Robotics

Sanjuksha Nirgude Soaring High with Robotics

by Lucky Stith | 26 August 2024