Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability

News

May 10, 2024NewsroomBrowser Security / Vulnerability

Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild.

Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024.

Use-after-free bugs, which arise when a program references a memory location after it has been deallocated, can lead to any number of consequences, ranging from a crash to arbitrary code execution.

“Google is aware that an exploit for CVE-2024-4671 exists in the wild,” the company said in a terse advisory without revealing additional specifics of how the flaw is being weaponized in real-world attacks or the identity of the threat actors behind them.

Cybersecurity

With the latest development, Google has addressed two actively exploited zero-days in Chrome since the start of the year.

Earlier this January, the tech giant patched an out-of-bounds memory access issue in the V8 JavaScript and WebAssembly engine (CVE-2024-0519, CVSS score: 8.8) that could result in a crash.

Users are recommended to upgrade to Chrome version 124.0.6367.201/.202 for Windows and macOS, and version 124.0.6367.201 for Linux to mitigate potential threats.

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

Massive Telecom Hack Exposes US Officials to Chinese Espionage
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 – Nov 10)
Amazon MOVEit Leaker Claims to Be Ethical Hacker
EU Ramps Up Cyber Resilience with Major Crisis Simulation Exercise
Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes

Leave a Reply

Your email address will not be published. Required fields are marked *