Hey Chrome, are you feeling okay? Because that is the second time in just five days that you simply’ve been patched for a zero-day vulnerability. Last Friday Google launched a patch that fastened a difficulty within the browser’s JavaScript engine, however in the present day’s bug is within the Skia graphics library. Chrome customers on Windows and Mac can obtain and apply the replace proper now, whereas Linux and different platforms ought to see the replace within the subsequent few days.

Resist the urge to push that replace again, as a result of this isn’t one thing that you need to ignore. Like final week’s bug, it’s being actively exploited “in the wild,” in accordance with Google’s post on the Chrome Releases page. (by way of Bleeping Computer). Unlike the opposite safety bugs fastened on this replace, which have been reported by members of the Vulnerability Research Institute and paid out in $20,000 of complete bug bounties, the essential flaw was found by Clément Lecigne of Google’s Threat Analysis Group.

It’s been precisely one week because the CVE-2023-2136 bug was recognized, which is a fairly good turnaround for a corporation that’s bigger in greenback phrases than a number of international locations. Details on precisely how the bug is being exploited aren’t accessible — presumably Google doesn’t need anybody else becoming a member of in on no matter they’ve seen taking place within the wild.