Google has released an urgent update to fix a zero-day vulnerability in Chrome that is being actively exploited, making it the first such bug to be addressed this year.
The vulnerability, tracked as CVE-2023-2033, is a high-severity type confusion issue in the V8 JavaScript engine.
Google acknowledged that an exploit for the vulnerability exists in the wild but did not provide additional technical details or indicators of compromise to prevent further exploitation.
The vulnerability shares similarities with four other types of confusion flaws in V8 that were remediated by Google in 2022.
Users are advised to upgrade to version 112.0.5615.121 for Windows, macOS, and Linux to mitigate potential threats. Chromium-based browser users are also advised to apply the fixes as they become available.