Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability

News

May 10, 2024NewsroomBrowser Security / Vulnerability

Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild.

Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024.

Use-after-free bugs, which arise when a program references a memory location after it has been deallocated, can lead to any number of consequences, ranging from a crash to arbitrary code execution.

“Google is aware that an exploit for CVE-2024-4671 exists in the wild,” the company said in a terse advisory without revealing additional specifics of how the flaw is being weaponized in real-world attacks or the identity of the threat actors behind them.

Cybersecurity

With the latest development, Google has addressed two actively exploited zero-days in Chrome since the start of the year.

Earlier this January, the tech giant patched an out-of-bounds memory access issue in the V8 JavaScript and WebAssembly engine (CVE-2024-0519, CVSS score: 8.8) that could result in a crash.

Users are recommended to upgrade to Chrome version 124.0.6367.201/.202 for Windows and macOS, and version 124.0.6367.201 for Linux to mitigate potential threats.

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
US Organizations Still Using Kaspersky Products Despite Ban
DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages

Leave a Reply

Your email address will not be published. Required fields are marked *