PRUEBA AHORA
Vulnerability

Zero-Day Vulnerability Fixed in Google Chrome 113

2 min. read
17/05/2023
By Laura Libeer
Google Chrome Vulnerability

⚡ TL;DR | Go Straight to the Google Chrome 113 Vulnerability Audit Report

Google released a round of security update for Chrome 113 for Windows, Linux, and Mac addressing yet another critical zero-day vulnerability. The update addresses a total of 12 vulnerabilities, the most severe of which could lead to arbitrary code execution. An attacker could use the flaw to gain full system access. Just last month Google already addressed 2 similar zero-days in Chrome 112 (April 14th and April 18th). We have added a new report to your Lansweeper installation to help you find potentially vulnerable installs of Google Chrome.

Chrome 113 Security Update

The new security update includes 12 security fixes. The most important one is for a critical use after free vulnerability in Navigation. The vulnerability tracked as CVE-2023-2721, could lead to arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the compromised user, this could allow them to install programs; view, change, or delete sensitive data; or create new accounts with full user rights. So far, there are no reports that any of the issues addressed in the update are being exploited in the wild.

Update Vulnerable Google Chrome Installations

As always, Google is holding off on releasing any further details about the vulnerability in Chrome 113 for now. This way they hope to prevent further exploitation until a majority of users have had a chance to update to the fixed version. In order to protect your network you should update all Google Chrome installations to the new version as soon as possible. That is 113.0.5672.126/.127 for Windows and 113.0.5672.126 for Mac and Linux. You can find more information about the security update on Google’s release page.

Discover Vulnerable Chrome Installs

To help you find all vulnerable Google Chrome installations in your network, our team has put together a special audit report. It will list all computers in your network that are not running the latest version of Chrome yet. This way you have an actionable list of installs that are still at risk and you can take action accordingly. You can get to the report via the link below.

Chrome 113 vulnerability report