Security News > 2024 > May > Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274)
For the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability with an in-the-wild exploit.
As per usual, Google keeps technical details of the vulnerability under wraps.
The fact that the vulnerability has been reported by security researcher Clément Lecigne of Google's Threat Analysis Group and Brendon Tiszka of its Chrome Security team seems to indicate that the zero-day is also being actively exploited by attackers.
The zero-day has been fixed in Chrome 125.0.6422.112/.113 and 125.0.6422.112.
Depending on the operating system you use and whether you have disabled the auto-updating feature or not, you can implement the update manually or you can close and reopen the browser and Google will do that for you.
Earlier this month, Google fixed three exploited zero-days in less than a week.
News URL
https://www.helpnetsecurity.com/2024/05/24/cve-2024-5274/
Related news
- Google Chrome’s AI feature lets you quickly check website trustworthiness (source)
- Microsoft fixes exploited zero-day (CVE-2024-49138) (source)
- Google says new scam protection feature in Chrome uses AI (source)
- Google Chrome uses AI to analyze pages in new scam detection feature (source)
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- Google Chrome is making it easier to share specific parts of long PDFs (source)
- Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) (source)
- Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282) (source)
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591) (source)