Chrome 113 Security Update Patches Critical Vulnerability


This week, Google disclosed the availability of a security update for Chrome 113 that fixes a total of 12 vulnerabilities, one of which is classified as critical. External researchers found six of the errors. The problem, identified as CVE-2023-2721, was disclosed by Qihoo 360 researcher Guang Gong and is known as a use-after-free vulnerability in Navigation.

An HTML page might be created by a remote attacker to cause a heap corruption whenever a user sees the page. The user would need to be persuaded to visit the page by the attacker. Use-after-free vulnerabilities are memory corruption problems that can result in arbitrary code execution, a denial-of-service, or data corruption if the pointer is not cleared after memory allocation is freed.

Read More…