Google Addresses Critical Zero-Day Vulnerability with Security Patches

By: Austin Ukpebor - May 10, 2024 at 23:03:43pm

Google has swiftly responded to a critical security issue by releasing patches to mitigate a zero-day vulnerability. The flaw tracked as CVE-2024-4671 poses a high-severity risk and was discovered by a diligent researcher on May 7, 2024.

The vulnerability in question is related to Use-after-free bugs. These bugs occur when a program attempts to access a memory location after it has already been deallocated. Such programming errors can have serious consequences, including system crashes or enabling attackers to execute arbitrary code.

In addition to CVE-2024-4671, Google has also addressed several other zero-day vulnerabilities:

  1. CVE-2024-2886Use-after-free in WebCodecs
  2. CVE-2024-2887Type confusion in WebAssembly
  3. CVE-2024-3159Out-of-bounds memory access in V8

To safeguard users, Google recommends upgrading to the following Chrome versions:

  • Windows and macOS: Chrome version 124.0.6367.201/.202
  • Linux: Chrome version 124.0.6367.201

By promptly updating their browsers, users can help mitigate potential security threats associated with these vulnerabilities.