Thursday, November 21, 2024

Replace Chrome Now to Repair New Actively Exploited Vulnerability

Jan 17, 2024NewsroomBrowser Safety / Vulnerability

Chrome Zero Day Vulnerability

Google on Tuesday launched updates to repair 4 safety points in its Chrome browser, together with an actively exploited zero-day flaw.

The problem, tracked as CVE-2024-0519, issues an out-of-bounds reminiscence entry within the V8 JavaScript and WebAssembly engine, which will be weaponized by risk actors to set off a crash.

“By studying out-of-bounds reminiscence, an attacker may be capable to get secret values, equivalent to reminiscence addresses, which will be bypass safety mechanisms equivalent to ASLR as a way to enhance the reliability and chance of exploiting a separate weak spot to realize code execution as an alternative of simply denial of service,” in response to MITRE’s Frequent Weak point Enumeration (CWE).

Cybersecurity

Extra particulars in regards to the nature of the assaults and the risk actors that could be exploiting them have withheld in an try to stop additional exploitation. The problem was reported anonymously on January 11, 2024.

“Out-of-bounds reminiscence entry in V8 in Google Chrome previous to 120.0.6099.224 allowed a distant attacker to doubtlessly exploit heap corruption by way of a crafted HTML web page,” reads a description of the flaw on the NIST’s Nationwide Vulnerability Database (NVD).

The event marks the primary actively exploited zero-day to be patched by Google in Chrome in 2024. Final yr, the tech big resolved a complete of 8 such actively exploited zero-days within the browser.

Customers are beneficial to improve to Chrome model 120.0.6099.224/225 for Home windows, 120.0.6099.234 for macOS, and 120.0.6099.224 for Linux to mitigate potential threats.

Customers of Chromium-based browsers equivalent to Microsoft Edge, Courageous, Opera, and Vivaldi are additionally suggested to use the fixes as and after they turn into out there.

Discovered this text fascinating? Observe us on Twitter and LinkedIn to learn extra unique content material we put up.



Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles