CVE-2023-4863: Heap buffer overflow in WebP (Chrome)
Link: https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html
Discussion: https://news.ycombinator.com/item?id=37478403
Google a corrigé la quatrième faille zero-day de Chrome de l’année 2023 ! https://www.it-connect.fr/google-chrome-zero-day-cve-2023-4863/ #Vulnérabilité #Logiciel-OS #Sécurité #Chrome #Google #Web
#vulnerabilite #logiciel #securite #chrome #google #web
La nouvelle fonctionnalité #PrivacySandbox du navigateur #Chrome de #Google vous met en danger. Changez de navigateur, vite ! https://blog.byl.fr/chrome-vous-traque-chrome-vous-met-en-danger
#privacysandbox #chrome #google
SecurityWeek: Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters https://www.securityweek.com/google-patches-chrome-zero-day-reported-by-apple-spyware-hunters/ #Vulnerabilities #exploited #Featured #Zero-Day #spyware #Chrome
#vulnerabilities #exploited #featured #zero #spyware #chrome
Jetzt patchen! Attacken auf kritische Schadcode-Lücke in Chrome naheliegend
Google warnt vor Exploitcode für eine Schwachstelle in Chrome. Eine abgesicherte Version des Webbrowsers ist verfügbar.
#chrome #security #sicherheitslucken #exploit #news
「 #Google 、悪用された #Chrome の重大な #脆弱性 への #パッチ 適用を急ぐ - 今すぐ更新」: The Hacker News
「
Sep 12, 2023THNBrowser Security / Zero Day
Chromeの脆弱性
Googleは月曜日、Chrome Webブラウザの重大なセキュリティ上の欠陥に対処するため、アウトオブバンドのセキュリティパッチを公開し、この脆弱性が悪用されていると発表した。
この問題はCVE-2023-4863 として追跡されており 、 WebP 画像形式 に存在する ヒープ バッファ オーバーフロー のケースとして説明されており 、これにより任意のコードの実行やクラッシュが発生する可能性があります。 」
https://thehackernews.com/2023/09/google-rushes-to-patch-critical-chrome.html
#google #chrome #脆弱性 #パッチ #prattohome #thehackernews
Chrome feiert 15. Geburtstag mit neuem Look und umstrittenem Cookie-Ersatz
https://www.derstandard.at/story/3000000186324/chrome-feiert-15-geburtstag-mit-neuem-look-und-umstrittenem-cookie-ersatz #Webbrowser #Browser #Chrome
New Version: #Google #Chrome 116.0.5845.188 (stable;x86) #Chromium https://www.google.com/chrome
SecurityOnline: CVE-2023-4863: New Chrome 0-day Bug Under Active Attacks https://securityonline.info/cve-2023-4863-new-chrome-0-day-bug-under-active-attacks/ #Vulnerability #CVE-2023-4863 #chrome #0day
#vulnerability #cve #chrome #0day
SecurityAffairs: GOOGLE FIXED THE FOURTH CHROME ZERO-DAY OF 2023 https://securityaffairs.com/150657/hacking/google-fixed-the-fourth-chrome-zero-day-of-2023.html #informationsecuritynews #ITInformationSecurity #PierluigiPaganini #SecurityAffairs #CVE-2023-4863 #BreakingNews #SecurityNews #hackingnews #Security #Hacking #zeroDay #Chrome
#informationsecuritynews #itinformationsecurity #pierluigipaganini #securityaffairs #cve #breakingnews #securitynews #hackingnews #security #hacking #zeroday #chrome
Google Chrome launches built-in user tracking for advertisers - Chrome’s Privacy Sandbox tracks users’ behavior within the browse... - https://cointelegraph.com/news/google-chrome-launches-built-in-user-tracking-advertisers #advertising #privacy #chrome #google #data #ads
#ads #data #google #chrome #privacy #advertising
With all the negative privacy rumblings about Chrome and how wonderful Firefox is, I thought I'd try Firefox as my default browser. As expected, it's not a simple switch trying to get 1Password 7 to work, and fixing all my automations. I'll keep slogging at it until I encounter a show-stopper. For scripting I rely on Chrome's single file page save a lot, which Firefox doesn't seem to have, although I've installed an extension.
Malwarebytes Labs
Password-stealing Chrome extension smuggled on to Web Store
Posted: September 5, 2023 by Mark Stockley
Researchers at the University of Wisconsin–Madison have demonstrated that Chrome browser extensions can steal passwords from the text input fields in websites, even if the extension is compliant with Chrome's latest security and privacy standard, Manifest V3.
#malware #chrome #browserextensions #passwordcollecting
Nice quick update on the new more invasive ad settings on #chrome and how to opt out. I found it fast and easy to opt out and I urge you to do the same if you like me are still using that shiny shiny Chrome. https://theconversation.com/google-chrome-just-rolled-out-a-new-way-to-track-you-and-serve-ads-heres-what-you-need-to-know-213150 #privacy
The idea, #Google hopes, is that #Topics will survive privacy legislation that bans "compiling a dossier" style #adtech #tracking
They are piloting it now to see if it works. Because of Google's dominance over the browser ecosystem with #Chrome and over online advertising generally, they're the only entity in a position to do something like this.
/9
#google #topics #adtech #tracking #chrome