Chrome Zero-Day Alert -- Update Your Browser to Patch New Vulnerability
May 10, 2024
Newsroom
Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild.
Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024.
Use-after-free bugs, which arise when a program references a memory location after it has been deallocated, can lead to any number of consequences, ranging from a crash to arbitrary code execution.
"Google is aware that an exploit for CVE-2024-4671 exists in the wild," the company said in a terse advisory without revealing additional specifics of how the flaw is being weaponized in real-world attacks or the identity of the threat actors behind them.
https://thehackernews.com/2024/05/chrome-zero-day-alert-update-your.html?_m=3n%2e009a%2e3353%2eqb0ao44uux%2e2cw0