Security News > 2024 > March > Google fixes Chrome zero-days exploited at Pwn2Own 2024

Google fixed seven security vulnerabilities in the Chrome web browser on Tuesday, including two zero-days exploited during the Pwn2Own Vancouver 2024 hacking competition.
Google fixed the two zero-days in the Google Chrome stable channel, version 123.0.6312.86/.87 for Windows and Mac and 123.0.6312.86 for Linux users, which will roll out worldwide over the coming days.
While it only took Mozille one day and Google five days to patch these vulnerabilities, vendors usually take their time to release patches for security flaws demoed at Pwn2Own since they have 90 days to push fixes until Trend Micro's Zero Day Initiative publicly discloses bug details.
In January, Google also patched an actively exploited zero-day in Chrome that allowed attackers to access sensitive information or crash unpatched browsers due to an out-of-bounds memory access weakness in the Chrome V8 JavaScript engine.
The Pwn2Own 2024 Vancouver competition concluded on March 22, with security researchers earning $1,132,500 for demonstrating 29 zero-day exploits and exploit chains over two days.
Mozilla fixes two Firefox zero-day bugs exploited at Pwn2Own.
News URL
Related news
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito (source)
- Google: 97 zero-days exploited in 2024, over 50% in spyware attacks (source)
- Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products (source)
- Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android (source)
- Google Chrome to use on-device AI to detect tech support scams (source)
- Google Chrome to block admin-level browser launches for better security (source)
- Google fixes high severity Chrome flaw with public exploit (source)
- Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own (source)
- Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards (source)