Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability

14-05-2024
Share
Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability

Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild.

Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024.

Use-after-free bugs, which arise when a program references a memory location after it has been deallocated, can lead to any number of consequences, ranging from a crash to arbitrary code execution.

Earlier this January, the tech giant patched an out-of-bounds memory access issue in the V8 JavaScript and WebAssembly engine (CVE-2024-0519, CVSS score: 8.8) that could result in a crash.

Google also addressed three other zero-days that were disclosed during the Pwn2Own hacking contest in Vancouver in March –

Users are recommended to upgrade to Chrome version 124.0.6367.201/.202 for Windows and macOS, and version 124.0.6367.201 for Linux to mitigate potential threats.

 

Source: https://thehackernews.com/