Google has recently released a new Stable Channel Update for its Chrome web browser on all supported PC operating systems, which is designed to fix an actively exploited security vulnerability. Details about the flaw are unknown at this point, but the issue is affecting browsers and internet clients developed by other companies as well.
Tracked as CVE-2023-4863, the bug is described as heap buffer overflow in Chrome’s WebP support prior to version 116.0.5845.187. A remote attacker could exploit the flaw to perform a memory write outside the allocated buffer via a crafted HTML page, which could lead to arbitrary (and likely malicious) code execution.
