Security News > 2024 > May > Google fixes Chrome zero-day with in-the-wild exploit (CVE-2024-4671)
Google has fixed a Chrome zero-day vulnerability, an exploit for which exists in the wild.
"Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," CIS explains.
"Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights."
"The Extended Stable channel has been updated to 124.0.6367.201 for Mac and Windows which will roll out over the coming days/weeks," the company added.
Users who have switched off automatic updating are advised to check for and implement the provided update, then restart the browser.
Users who have automatic updating turned on and haven't restarted the browser in a while should soon see a pop-up icon indicating a pending update.
News URL
https://www.helpnetsecurity.com/2024/05/10/cve-2024-4671/
Related news
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- New Octo Android malware version impersonates NordVPN, Google Chrome (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- Qualcomm zero-day under targeted exploitation (CVE-2024-43047) (source)
- Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381) (source)
- Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) (source)
- Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)
- Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680) (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)