Security News > 2024 > August > New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)
2024-08-22 08:47
A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity vulnerability caused by a type confusion weakness in V8, the open-source JavaScript and WebAssembly engine developed by Google for the Chromium and Google Chrome web browsers. “In languages without memory safety, such as C and C++, type confusion can lead to out-of-bounds memory access,” Mitre explains the problem. (V8 is written in … More → The post New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/08/22/cve-2024-7971/
Related news
- Qualcomm zero-day under targeted exploitation (CVE-2024-43047) (source)
- Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381) (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) (source)
- Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680) (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-21 | CVE-2024-7971 | Type Confusion vulnerability in Google Chrome Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. | 8.8 |