Google released a fix on Monday for a Chrome zero-day. Like the three before it, this fourth Chrome zero-day vulnerability found in 2023 allows an attacker to remotely target a vulnerable version of the browser.

An attacker could exploit the vulnerability to execute arbitrary code, mishandle the data in the browser’s memory and eventually crash the browser on a victim’s device. The flaw stems from a heap buffer overflow issue in the WebP, an image format championed by Google as a high-quality compression method.