HomeCyberSecurity NewsUpdate Your Browser to Fix a New Vulnerability - Chrome Zero-Day Alert

Update Your Browser to Fix a New Vulnerability – Chrome Zero-Day Alert

Google released security updates on Thursday to address a zero-day vulnerability in Chrome that has been actively exploited in the wild.

The high-severity vulnerability, known as CVE-2024-4671, is a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024.

Use-after-free bugs occur when a program references a memory location after it has been deallocated, leading to various consequences such as crashes or arbitrary code execution.

“Google is aware of an exploit for CVE-2024-4671 in the wild,” the company stated in an advisory without disclosing specific details about the exploitation or threat actors.

Google has now addressed two actively exploited zero-day vulnerabilities in Chrome in 2024.

Previously in January, Google fixed an out-of-bounds memory access issue in the V8 JavaScript and WebAssembly engine (CVE-2024-0519, CVSS score: 8.8) that could cause crashes.

Additionally, Google addressed three other zero-day vulnerabilities disclosed during the Pwn2Own hacking contest in Vancouver in March.

It is recommended that users upgrade to Chrome version 124.0.6367.201/.202 for Windows and macOS, and version 124.0.6367.201 for Linux to protect against potential threats.

Users of Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi should also apply the fixes as soon as they are available.



Please enter your comment!
Please enter your name here

Latest News