All Google Chrome users should update immediately to address a zero-day vulnerability that is being actively exploited.
One of Google’s own researchers, Clément Lecigne of the Threat Analysis Group (TAG), discovered the flaw. According to fellow TAG researcher Maddie Stone, the flaw is being actively exploited “by a commercial surveillance vendor.”
.@_clem1 discovered another ITW 0-day in use by a commercial surveillance vendor: CVE-2023-5217. Thank you to Chrome for releasing a patch in TWO 🤯day!!
Maddie Stone (@maddiestone) — September 27, 2023
Again, all users should update immediately.