Skip to main content
  1. Home
  2. Computing
  3. News

Update Chrome now to avoid this major zero-day exploit

Add as a preferred source on Google

The Google Chrome browser has been hit by its first zero-day attack of 2023, and Google has begun rolling out an emergency update as of today to address the exploit.

Google detailed on its Chrome Release blog that it is aware that an exploit for CVE-2023-2033 exists in the wild. It has likely been circulating since the beginning of the year, according to Bleeping Computer.

Google Chrome open with several tabs.
Arif Bacchus/ Digital Trends / Digital Trends

The exploit was discovered and reported by Clement Lecigne of Google’s Threat Analysis Group (TAG). The group is known for locating government-sponsored bad actors that intend to hack Google to get access to high-profile people, such as journalists and rival politicians, so they can infect their accounts and devices with spyware, the publication noted.

Recommended Videos

The CVE-2023-2033 vulnerability is considered high-severity and is detailed as a “confusion weakness in the Chrome V8 JavaScript engine.” However, Google has shared few other details about the attack at this time, particularly about how the CVE-2023-2033 vulnerability has been used in actual attacks. The name “zero-day” indicates that the vulnerability still exists in the wild, despite Google having addressed it with an update.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google said. “We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.”

The update version 112.0.5615.121 addressing CVE-2023-2033 is currently available for Chrome users in the Stable Desktop channel and will roll out to all users over several days and weeks. The update is compatible with Windows, Mac, and Linux systems. BleepingComputer noted it was able to access the update immediately by accessing Chrome menu > Help > About Google Chrome. The update will also hit Chrome browsers automatically when available after a restart.

In March 2022, a similar zero-day vulnerability called CVE-2022-1096 affected Chrome’s V8 JavaScript engine specifically on Mac devices.

A major zero-day vulnerability that affected Windows programs in June 2022, called CVE-2022-30190, Follina, was traced to a Chinese TA413 hacking group and was aimed at the Tibetan diaspora, as well as U.S. and EU government agencies.

Fionna Agomuoh
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…
ASUS Zenbook Duo UX8407AA review: Two screens finally earned their place in my bag
Two machines are definitely better than one, but on the same laptop? Asus nailed it, but you must be willing to pay for the convenience.
ASUS Zenbook Duo has two displays

See at Amazon

Two displays on a laptop once sounded like an elaborate solution waiting for the right problem. ASUS has spent the past few generations steadily proving otherwise. After using the latest Zenbook Duo (2026) UX8407AA for over two weeks, I started arranging my daily routine around that second display. 

Read more
How Claude helped my 65-year-old dad finally ditch his handwritten ledgers
AI has a lot to answer for, but this one small win is hard to argue with, at least for me.
Claude app on iPhone

My dad has owned a small business for as long as I can remember, and for just as long, he's kept his books the old-fashioned way. Every sale gets written down by hand so he can file his taxes later. The problem is that his accountant needs this data in Excel, and my dad, who didn’t grow up around computers, has never learned how to use it.

For years, his workaround was paying someone to manually type his handwritten entries into a spreadsheet. It worked, but it was adding additional cost to his business, which he wanted to avoid, but couldn't.

Read more
AI’s energy tax was already concerning. Research says AI agents are over hundred times worse
AI agents could consume 136 times more energy than today's AI, study finds
AI agents

The AI industry's soaring electricity demand has already become a growing concern for governments, utilities, and technology companies. But a new study suggests the next generation of artificial intelligence could make that problem significantly worse.

Researchers from the Korea Advanced Institute of Science and Technology (KAIST) have published what they describe as the first comprehensive analysis of the energy cost of AI agents - AI systems capable of reasoning, planning, and completing tasks autonomously. Their findings show that these systems can consume up to 136.5 times as much energy per query as conventional generative AI models, raising fresh questions about whether the infrastructure supporting tomorrow's AI is ready for what's coming.

Read more