Edgar Cervantes / Android Authority
TL;DR
- A zero-day exploit was discovered in Chrome and has now been patched.
- The security vulnerability appears to be a “user after free” flaw.
- The fix is currently available for Windows, Mac, and Linux.
If you’re someone who uses Google Chrome as your browser of choice, or a Chromium-based browser, you’ll want to make sure you’re running on the latest update. Google has just released a patch that fixes a serious zero-day vulnerability.
First reported by Bleeping ComputerGoogle has released a note about a stable channel update for Chrome. The note in question says that the company is “aware that an exploit for CVE-2024-4671 exists in the wild.” This vulnerability is a high-severity issue that has been classified as a “user after free” vulnerability.
A user after free (UAF) exploit is a security flaw where a program continues to reference a dynamic memory location even after the memory has been freed. That freed memory could be used to store different data or be used by other software. Such an error can result in consequences like data leakage, code execution, or a crash.
This particular vulnerability (CVE-2024-4671) appears to be connected to the visuals component, which handles rendering and the display of content on the browser.
The fix is currently available for Windows, Mac, and Linux. Chrome usually installs updates with security fixes automatically. The same is true for Chromium-based browsers like Edge and Brave. But you can check to see if the patch is available by going to the three-dot menu > Settings > About Chrome. You can also get there clicking the three dot menu > Help > About Google Chrome.
You might like
#Google #patched #zeroday #Chrome #exploit #update #browser #asap
– 2024-05-13 17:21:18
