Google has issued urgent fixes to address a newly discovered security vulnerability in Chrome that is being actively exploited. This marks the eighth vulnerability that has been fixed by Google since the beginning of the year.
A security alert published on Wednesday stated that Google is cognizant of the existence of an exploit for CVE-2023-7024 in the wild.
The business promptly addressed the zero-day vulnerability for users in the Stable Desktop channel, distributing updated versions to Windows users globally (120.0.6099.129/130) and Mac and Linux users (120.0.6099.129) within one day of the bug being reported to Google.
The problem was detected and reported by Clément Lecigne and Vlad Stolyarov, members of Google’s Threat Analysis Group (TAG), a team of security specialists dedicated to protecting Google customers from assaults sponsored by governments.
Google’s Threat Analysis Group (TAG) regularly uncovers zero-day vulnerabilities that are exploited by threat actors funded by governments. These targeted attacks try to install spyware on the devices of individuals at high risk, such as opposition politicians, dissidents, and journalists.
While Google stated that the security upgrade may take many days or weeks to reach all users, it was promptly available when BleepingComputer conducted an update check earlier today.
Those who opt against manual updates can depend on their web browser to automatically perform checks for new updates and install them at the next launch.