Google Chrome Urgently Releases Patch to Address Second Zero-Day Attack

Google Chrome has released an urgent patch update due to a second zero-day attack, which has been actively exploited by hackers. The vulnerability, called CVE-2023-2136, is related to an integer overflow issue in Skia, a 2D graphics library. The flaw was discovered and reported by Clément Lecigne of Google's Threat Analysis Group on April 12, 2023. The vulnerability could allow an attacker who had already compromised the renderer process to potentially escape the sandbox using a specially crafted HTML page. Google has fixed this vulnerability along with seven others but did not provide further details to prevent further exploitation. This is the second time this year that Google Chrome has been hit by a zero-day vulnerability. Users are advised to update to version 112.0.5615.137 for Windows, macOS, and Linux to mitigate potential threats. Users of other Chromium-based browsers are also advised to apply the fixes when they become available.