Thursday, November 21, 2024

Chrome Zero-Day Alert — Replace Your Browser to Patch New Vulnerability

Might 10, 2024NewsroomBrowser Safety / Vulnerability

Chrome Zero-Day

Google on Thursday launched safety updates to handle a zero-day flaw in Chrome that it mentioned has been actively exploited within the wild.

Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free within the Visuals part. It was reported by an nameless researcher on Might 7, 2024.

Use-after-free bugs, which come up when a program references a reminiscence location after it has been deallocated, can result in any variety of penalties, starting from a crash to arbitrary code execution.

“Google is conscious that an exploit for CVE-2024-4671 exists within the wild,” the corporate mentioned in a terse advisory with out revealing further specifics of how the flaw is being weaponized in real-world assaults or the identification of the menace actors behind them.

Cybersecurity

With the newest improvement, Google has addressed two actively exploited zero-days in Chrome for the reason that begin of the yr.

Earlier this January, the tech big patched an out-of-bounds reminiscence entry subject within the V8 JavaScript and WebAssembly engine (CVE-2024-0519, CVSS rating: 8.8) that would lead to a crash.

Customers are advisable to improve to Chrome model 124.0.6367.201/.202 for Home windows and macOS, and model 124.0.6367.201 for Linux to mitigate potential threats.

Customers of Chromium-based browsers corresponding to Microsoft Edge, Courageous, Opera, and Vivaldi are additionally suggested to use the fixes as and after they change into obtainable.

Discovered this text attention-grabbing? Comply with us on Twitter and LinkedIn to learn extra unique content material we put up.



Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles