Google has released an update for its Chrome browser, fixing the second zero-day vulnerability in the past seven days. The new 0-day issue, identified as CVE-2023-2136, was discovered by Google’s Threat Analysis Group (TAG) experts at the beginning of this month. It is related to an integer overflow in Skia, Google’s open source multi-platform 2D graphics library written in C++. If exploited, the vulnerability could lead to mis-rendering, memory corruption, and arbitrary code execution, giving an attacker access to the system. The stable release of the update is currently available for Windows and Mac users, while the Linux version will be released soon. This follows the release of a fix for the 0-day vulnerability CVE-2023-2033 at the end of last week, which was described as a type confusion type problem in the JavaScript V8 engine. This was the first zero-day issue identified in a browser in 2023.
