It's time to update your Chrome, after Google announced it "is aware that an exploit for CVE-2023-7024 exists in the wild."
This zero-day, the eighth patched since the start of the year, is described as a heap-based buffer overflow bug in the WebRTC framework, which is used by several web browsers, including Safari, Microsoft Edge, and Mozilla Firefox, to deliver Real-Time Communications (RTC) capabilities such as file sharing, video streaming, and VoIP telephony through JavaScript APIs.
Google recommends users to upgrade their Chrome browsers to version 120.0.6099.129 for macOS and Linux, as well as 120.0.6099.129/130 for Windows. Anyone using Chromium-based browsers, such as Microsoft Edge, Vivaldi, Opera and Brave, are advised to apply fixes from their respective vendors.
The bug was discovered by Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group (TAG) which, among other things, detects hacking attempts in order to protect users from attacks and uncovers zero-days exploited by government-sponsored threat actors.
Full details can be found HERE.
