Security News > 2024 > May > Google Chrome emergency update fixes 6th zero-day exploited in 2024

Google Chrome emergency update fixes 6th zero-day exploited in 2024
2024-05-14 08:10

Google has released emergency security updates for the Chrome browser to address a high-severity zero-day vulnerability tagged as exploited in attacks.

Chrome updates automatically when a security update is available, but users can confirm they're running the latest version by going to Settings > About Chrome, letting the update finish, and then clicking on the 'Relaunch' button to apply it.

This latest Google Chrome vulnerability is the sixth zero-day bug discovered and fixed in the popular web browser since the start of the year.

CVE-2024-0519: A high-severity out-of-bounds memory access weakness within the Chrome V8 JavaScript engine, allowing remote attackers to exploit heap corruption via a specially crafted HTML page, leading to unauthorized access to sensitive information.

CVE-2024-3159: A high-severity vulnerability caused by an out-of-bounds read in the Chrome V8 JavaScript engine.

Google fixes fifth Chrome zero-day exploited in attacks this year.


News URL

https://www.bleepingcomputer.com/news/security/google-chrome-emergency-update-fixes-6th-zero-day-exploited-in-2024/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-04-06 CVE-2024-3159 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome
Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
network
low complexity
google CWE-119
8.8
2024-01-16 CVE-2024-0519 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject couchbase CWE-787
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 141 994 4922 2872 1623 10411