Google discloses zero-day vulnerability with active exploitation

Target Industry

Indiscriminate, opportunistic targeting.

Overview

Google has released a security update which has addressed a zero-day vulnerability, tracked as CVE-2023-3079. The flaw pertains to the Chrome web browser and has been reported to have been actively exploited in the wild.

Although technical details regarding the vulnerability are limited as of the time of writing, it has been confirmed that it involves a type confusion in V8, Chrome’s JavaScript engine responsible for executing code within the browser.

Impact

Successful exploitation of CVE-2023-3079 will likely allow a remote threat actor to exploit heap corruption via a crafted HTML page. This would ultimately allow for memory manipulation and arbitrary code execution within vulnerable browsers.

Affected Products

Google Chrome Browser prior to 114.0.5735.110

Containment, Mitigations & Remediations

It is strongly recommended that Chrome users apply the relevant security update as soon as possible. The respective versions are as follows:

– Version 114.0.5735.110 for Windows

– Version 114.0.5735.106 for Mac and Linux.

To initiate the update manually, navigate to the Chrome settings menu in the upper right corner and select: Help → About Google Chrome. It should be noted that relaunching the browser is required to complete the update.

Security updates are also automatically installed upon the next opening of the browser without user intervention. As such, it is advised that users open the ‘About’ page to ensure that they are operating the most recent version of the browser.

Indicators of Compromise

No specific Indicators of Compromise (IoCs) are available currently.

Threat Landscape

Google Chrome occupies a significant portion of the browser market share. Given that threat actors generally utilise a combination of probability and asset value to determine which attack surfaces to focus on, Google Chrome has become a prime target. Due to the fact that the Chrome browser has become an integral aspect of both personal and business operations, threat actors will continue to exploit vulnerabilities contained within the product in an attempt to extract the sensitive data contained therein.

The security flaw reported on is the third Chrome zero-day exploited by threat actors since the beginning of 2023, the previous two being tracked as CVE-2023-2033 and CVE-2023-2136. Based on this trend, it is likely that further emerging zero-day vulnerabilities will be leveraged by threat actors in the future to complete their objectives of data compromise.

Threat Group

No attribution to specific threat actors or groups has been identified at the time of writing.

Mitre Methodologies

Tactic:

TA0002 – Execution

Further Information

Google Security Bulletin