[Gadgets] Google Chrome Updated With Patch for Nasty Zero-Day Vulnerability Exploited by Attackers

[Wolf.17]

 

Google Chrome has been updated with fixes for a zero-day security flaw that was being actively exploited in the wild, according to the search giant. The vulnerability affects a component in Chrome that renders web content on a user's screen, allowing attackers to take advantage of a user's computer when a user visits a maliciously crafted website. Chrome users on all desktop computer platforms will need to ensure that their browser is updated to the latest version in order to ensure that they are safe.

According to details shared by the company in a blog post, the latest stable versions of Google Chrome for Windows, macOS, and Linux includes a fix for a security flaw with a 'High' severity rating. Google says it has patched a use after free vulnerability (CVE-2024-4671) is related to the Visuals component on Chrome, reported by an anonymous external researcher.

A use after free vulnerability would allow an attacker to access out-of-bounds-memory when a user visits a malicious crafted webpage, by taking advantage of the vulnerability. This would allow them to access data remotely, or gain access to and control the systemNotably, Google's blog post also states that the company "is aware that an exploit for CVE-2024-4671 exists in the wild." As a result, it is imperative that users make sure that they are running on the latest stable version of Chrome — version 124.0.6367.201/.202 for Windows and macOS, and version 124.0.6367.201 for Linux computers.

https://www.gadgets360.com/apps/news/google-chrome-update-patch-zero-day-vulnerability-how-to-update-5641119#pfrom=topstory