AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Google releases an emergency update for Chrome

Urgent update to fix critical vulnerability in Chrome, users advised to install it immediately

Google has released an urgent update for Chrome due to a serious vulnerability, CVE-2024-4671, which allows attackers to execute arbitrary code. We recommend that you upgrade your browser.

This pill is also available in Italian language

In response to the discovery of a serious vulnerability, Google has released an urgent update for its Chrome browser. The flaw, identified as CVE-2024-4671, belongs to the category of use-after-free errors related to the web page rendering component. This type of vulnerability could allow attackers to execute arbitrary code within the browser, putting the user's entire operating system at risk.

Vulnerability and exploit details

An anonymous cybersecurity researcher detected and reported the issue to Google on May 7, 2024. The company quickly responded by confirming that there is an exploit already used to exploit this flaw, although no further details regarding the attacks or the attackers were disclosed involved. The recommendation for users is to immediately update their browser to the latest version: 124.0.6367.201/.202 for Windows and macOS users, and 124.0.6367.201 for Linux users.

Previous Chrome vulnerabilities this year

This year, Google has already had to address and resolve several other security issues related to Chrome. In January, an out-of-bounds array access issue in the JavaScript and WebAssembly V8 engine (CVE-2024-0519, with a CVSS score of 8.8) raised concerns that it could lead to sensitive information disclosure . Additionally, during the Pwn2Own event in March in Vancouver, three more vulnerabilities were identified: misuse of already freed resources in WebCodecs (CVE-2024-2886), type confusion in WebAssembly (CVE-2024-2887 ), and another out-of-bounds access issue in V8 (CVE-2024-3159).

Recommendations for other Chromium-based browsers as well

Given the nature of Chrome's source code, based on Chromium, the recommendation to proceed with updates also extends to users of other browsers that share the same base, such as Microsoft Edge, Brave, Opera and Vivaldi. Keeping software updated is crucial to protecting users' data and cybersecurity in the face of increasingly sophisticated and frequent threats.

Follow us on Instagram for more pills like this

05/12/2024 11:20

Marco Verro

Last pills

Serious vulnerability discovered in AMD CPUs: invisible malware riskCritical flaws put AMD CPUs at risk: how hackers can gain stealth, persistent access to your systems

Shocking discovery in the world of browsers: a backdoor that has been exploited for 18 yearsHackers able to access private networks via backdoors in major web browsers

AI Act: new rules that will change the future of technologyNew rules for artificial intelligence: how the AI Act will change the technological and industrial landscape in Europe. Discover the challenges, opportunities and importance of international cooper...

Digital chaos: global connection issues hit Azure and Microsoft 365Microsoft's cloud services in haywire: here's what's happening and how the company is responding