It was only some days in the past when Google pushed out an emergency replace to Chrome for Mac that fastened a vulnerability that was actively exploited. Lower than every week later, a second replace has arrived to repair one other flaw that exists within the wild.
The 112.0.5615.137 replace for Chrome for Mac fixes eight safety flaws, together with a minimum of one which will have been actively exploited. That vulnerability (CVE-2023-2136) is described as an integer overflow in Skia and is listed as a high-risk bug. In contrast to Apple’s safety updates, Google doesn’t disclose how the flaw was fastened.
4 different flaws are additionally outlined within the weblog put up on Google’s Chrome Releases website:
CVE-2023-2133: Out of bounds reminiscence entry in Service Employee API. Reported by Rong Jian of VRI on 2023-03-30
CVE-2023-2134: Out of bounds reminiscence entry in Service Employee API. Reported by Rong Jian of VRI on 2023-03-30
CVE-2023-2135: Use after free in DevTools. Reported by Cassidy Kim(@cassidy6564) on 2023-03-14
CVE-2023-2137: Heap buffer overflow in sqlite. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Analysis Institute on 2023-04-05
The entire flaws are listed as “excessive” threat apart from CVE-2023-2137, which has a “medium” threat. In all, there are eight safety fixes. Google says the replace must be rolling to all customers “over the approaching days/weeks.”
To replace Chrome, click on on the Chrome menu, then About Chrome. Examine the model quantity to see if it’s been up to date to v112.0.5615.137. If not, await the replace to obtain and click on Relaunch.
For extra advise about staying safe in your Mac learn: How safe is a Mac and are Macs actually safer than Home windows? and 10 methods to guard your Mac from malware and theft.