Update your Chrome browser right away. Google says that a zero-day vulnerability has been used in the wild.

There is a new JavaScript security hole in Chrome that is very bad, so patch your systems right away.

8,590

Google has put out a very important security fix for the Chrome computer browser. A “use-after-free” weakness in Chrome’s Visuals is what the zero-day flaw, CVE-2024-4671, is all about.

Perhaps you want to know, “What is Chrome’s Visuals component?” To put it simply, it’s the part that renders and shows information on the computer. Since everyone opens information in a computer, everyone is open to attack.

In particular, the flaw lets an attacker use out-of-bounds memory access to their advantage. That means that if you visit a website that has a bad page, it can mess up your computer. It doesn’t matter if Windows, Linux, or macOS is being used. This security hole can cause problems at any time.

The CVE-2024-4671 vulnerability was found by an unknown researcher and reported to Google directly. It has a CVSS grade of 8.8, which means it’s a very dangerous vulnerability.

It could be worse—ratings above 9.0 mean it needs to be fixed right away—but this is already pretty bad. Hackers can use this hole to get into your computer, read your files, make it crash, or even take control of it. To put it simply, it’s bad news.

The really bad thing about this is that it’s already being used. It says in the warning that Google knows there is a way to hack CVE-2024-4671 out there in the wild.

To stay safe, go to Settings > About Chrome and make sure you have the most up-to-date version of Chrome. The most recent versions that are safe to use are 124.0.6367.201/.202 for Windows and Mac and 124.0.6367.201 for Linux. In the next few days, version 124.0.6367.201 for Mac and Windows will be sent to Extra Stable users.

I am not going to wait. To be safe, you should update Chrome right away.

Comments are closed.