Security News > 2024 > January > Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability
2024-01-17 02:20
Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash. "By reading out-of-bounds memory, an attacker might be able to get secret values,
News URL
https://thehackernews.com/2024/01/zero-day-alert-update-chrome-now-to-fix.html
Related news
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Firefox Zero-Day Under Attack: Update Your Browser Immediately (source)
- Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680) (source)
- Firefox Update Patches Exploited Vulnerability (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-16 | CVE-2024-0519 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |