Both Google and Microsoft recently rolled out updates to their Chrome and Edge browsers to address a pair of zero-day vulnerabilities that enabled remote code execution (RCE). The flaws were found in the V8 JavaScript engine and Skia graphics library, which are utilized by both browsers. Given the ease of potential exploitation, the technical specifics of the bugs were not disclosed. RCE vulnerabilities enable attackers to execute code on a targeted system without the user’s awareness, making them a valuable target for attackers. To stay protected, users are encouraged to confirm their browser versions and swiftly upgrade to the newest editions.

Relevant URL: https://nakedsecurity.sophos.com/2023/04/24/double-zero-day-in-chrome-and-edge-check-your-versions-now/