July 6, 2024

Hackers were exploiting a serious security flaw in Chrome, which Google issued fixes for on Thursday.

The type misunderstanding flaw in the V8 JavaScript and WebAssembly engines causes the vulnerability identified as CVE-2024-5274. On May 20, 2024, Clément Lecigne of Google’s Threat Analysis Group and Brendon Tiszka of Chrome Security reported the incident.

In the security advisory, Google stated, “Google is aware that an exploit for CVE-2024-5274 exists in the wild.”

When a program misinterprets memory allocation, a vulnerability known as “type confusion” arises, which increases the chance of crashes, data corruption, and code execution.

In order to shield users from abuse and make browser updates easier, Google has not released technical information.

“Until the majority of users receive an update resolving the issue, access to bug details and links may remain restricted. Due to unpatched vulnerabilities in interdependent third-party libraries, the tech giant will continue to impose restrictions.”

Update available on Chrome Stable

Google’s fix is coming to Windows and Mac in version 125.0.6422.112/.113, followed by Linux users in version 125.0.6422.112 in the next few weeks.

Important security updates are installed by Chrome automatically, and they become active after the browser is restarted. In the Settings menu’s About section, users can verify that they are running the most recent version.

When an update is ready, users should click the “Relaunch” button to apply it after waiting for the update process to complete.

With the latest fix, Google has resolved a total of eight zero-days in Chrome over the past five months –

Found this article interesting? Follow us on LinkedIn and Instagram to read more exclusive content we post.

About The Author

exploitdaily.com

See author's posts

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Related News

Hackers Exploit Foxit PDF Reader Flaw to Deliver a Diverse Malware Arsenal

May 20, 2024