Chrome Zero-Day Alert — Replace Your Browser to Patch New Vulnerability

Could 10, 2024NewsroomBrowser Safety / Vulnerability

Google on Thursday launched safety updates to deal with a zero-day flaw in Chrome that it mentioned has been actively exploited within the wild.

Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free within the Visuals part. It was reported by an nameless researcher on Could 7, 2024.

Use-after-free bugs, which come up when a program references a reminiscence location after it has been deallocated, can result in any variety of penalties, starting from a crash to arbitrary code execution.

“Google is aware that an exploit for CVE-2024-4671 exists in the wild,” the corporate mentioned in a terse advisory with out revealing further specifics of how the flaw is being weaponized in real-world assaults or the identification of the menace actors behind them.

Cybersecurity

With the newest growth, Google has addressed two actively exploited zero-days in Chrome because the begin of the 12 months.

Earlier this January, the tech big patched an out-of-bounds reminiscence entry situation within the V8 JavaScript and WebAssembly engine (CVE-2024-0519, CVSS rating: 8.8) that might lead to a crash.

Google additionally addressed three different zero-days that had been disclosed throughout the Pwn2Own hacking contest in Vancouver in March –

Customers are really helpful to improve to Chrome model 124.0.6367.201/.202 for Home windows and macOS, and model 124.0.6367.201 for Linux to mitigate potential threats.

Customers of Chromium-based browsers resembling Microsoft Edge, Courageous, Opera, and Vivaldi are additionally suggested to use the fixes as and once they change into obtainable.

Discovered this text fascinating? Observe us on Twitter and LinkedIn to learn extra unique content material we submit.

Recent articles

INTERPOL Pushes for

Dec 18, 2024Ravie LakshmananCyber Fraud / Social engineering INTERPOL is...

Patch Alert: Essential Apache Struts Flaw Discovered, Exploitation Makes an attempt Detected

Dec 18, 2024Ravie LakshmananCyber Assault / Vulnerability Risk actors are...