Google has patched the fifth actively exploited Chrome zero-day vulnerability of the year in an emergency security update released on Wednesday.
The vulnerability, tracked as CVE-2023-5217, is a type confusion flaw in the V8 JavaScript engine. Type confusion vulnerabilities can allow attackers to execute arbitrary code on a victim’s system, which could lead to data theft, malware installation, or other malicious activity.
“Google is aware that an exploit for CVE-2023-5217 exists in the wild,” the company revealed in a security advisory published on Wednesday.
To update Chrome, simply open the browser and click on the three dots in the top right corner. Then, select “Help” and then “About Google Chrome.” Chrome will check for updates and install them automatically if available.
