⚡ TL;DR | Go Straight to the Chrome 114 Vulnerability Audit Report
Google has released a security update for Chrome 114 for Windows, Linux, and Mac to fix a high-severity type confusion vulnerability. There are already reports of an exploit for the vulnerability existing in the wild. When exploited successfully, it could lead to arbitrary code execution in the context of the logged-on user, compromising critical data, and interrupting services. A new report has been added to Lansweeper to help you locate at-risk installations of Google Chrome.
Chrome Vulnerability CVE-2023-3079
The vulnerability tracked as CVE-2023-3079 is a type confusion vulnerability in V8. It received a high severity rating. Google reports that they are already aware of an exploit existing in the wild. The flaw could allow an attacker to execute arbitrary code in the context of the logged-on user. Depending on that user’s privileges, they would be able to install programs, view, change, or delete data, or create new user accounts with full user rights. You can read the full details on Google’s release page.
Update Vulnerable Google Chrome Installs
As always, Google is not releasing any further details about the vulnerability in Chrome 114 yet. This is to prevent further exploitation of the vulnerability until all users have had a chance to update to the fixed version of Chrome. To keep your network safe, update all Google Chrome installations on Windows, Linux, and Mac to the newest version. That is 114.0.5735.106 for Mac and Linux and 114.0.5735.110 for Windows.
Discover Vulnerable Chrome Installs
Our technical team has put together an audit report to help you find all vulnerable Google Chrome installs in your network. This will give you an actionable list of devices that are not running the newest versions of Google Chrome yet. This way you can easily see which devices still require your intervention. You can get to the report via the link below.