A Vulnerability (CVE-2023-3079) Exists in Google Chrome, Microsoft Edge, Brave, and Vivaldi Could Allow for Arbitrary Code Execution

publish date : 2023-06-12
DESCRIPTION:
A vulnerability (CVE-2023-3079) exist in Google Chrome, Microsoft Edge, Brave, and Vivaldi which are based on Chromium. The vulnerability has been described as a type confusion bug in the V8 JavaScript engine and allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

AFFECTED RELEASES:
Google Chrome prior to 114.0.5735.110
Microsoft Edge prior to 114.0.1823.41
Brave prior to 1.52.122
Vivaldi prior to 6.1.3035.32

SOLUTION:
Upgrade to at least Google Chrome 114.0.5735.110 by following steps:
1. Open the Google Chrome browser.
2. Enter “chrome://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Chrome.
3. After Chrome is updated, click the “RELAUNCH” option to restart Chrome and complete the update.

Upgrade to at least Microsoft Edge 114.0.1823.41 by following steps:
1. Open the Microsoft Edge browser.
2. Enter “edge://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Edge.
3. After Edge is updated, click the “RELAUNCH” option to restart Edge and complete the update.

Upgrade to at least Brave 1.52.122 by following steps:
1. Open the Brave browser.
2. Enter “brave://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Brave.
3. After Brave is updated, click the “RELAUNCH” option to restart Brave and complete the update.

Upgrade to at least Vivaldi 6.1.3035.32 by following steps:
1. Open the Vivaldi browser.
2. Click Vivaldi menu button > Help > Check for Updates.
3. When an update is available, click on Install Update in the bottom right corner to complete updating Vivaldi.


REFERENCE:
1. https://www.ithome.com.tw/news/157215
2. https://thehackernews.com/2023/06/zero-day-alert-google-issues-patch-for.html?m=1
3. https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html
4. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-3079
5. https://brave.com/latest/
6. https://vivaldi.com/blog/desktop/minor-chromium-bump-vivaldi-browser-snapshot-3035-32/