Google Releases Emergency Fix for New Chrome Zero-Day Flaw



Another zero-day, another patch. Google has issued an emergency fix for the Chrome browser to defend against a newly uncovered software flaw that’s being actively exploited.Google learned about the vulnerability, dubbed CVE-2024-4671, from an anonymous security researcher earlier this week and later gave it a high severity rating.In a security advisory, Google says it’s “aware that an exploit for CVE-2024-4671 exists in the wild,” but doesn’t reveal who’s exploiting the flaw. The company describes the problem as a “use after free” vulnerability in the Visuals component for the browser. This refers to a program re-accessing a memory location, even though the memory space has been freed up or deallocated. Doing so can trigger data corruption, crashes, or even the ability to execute rogue computer code, which can help a hacker download and launch malware on the system. “Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” says the nonprofit Center for Internet Security. 

Recommended by Our Editors

The flaw also likely affects other browsers, such as Microsoft Edge and Brave, which also rely on Google’s open-source Chromium software. In release notes for Edge, Microsoft says it’s “aware of the recent exploits existing in the wild. We are actively working on releasing a security fix.”For Google Chrome, the patch will arrive as version 124.0.6367.201/.202 for Mac and Windows and 124.0.6367.201 for Linux. Updating your Chrome browser today should enable you to receive it. If not, Google says the patch should automatically arrive in the coming days and weeks.

Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

We will be happy to hear your thoughts

Leave a reply

AnsarSales
Logo
Compare items
  • Total (0)
Compare
0
Shopping cart