Update your browser to patch a new vulnerability in Chrome!

In order to fix a zero-day vulnerability in Chrome that it said had been actively exploited in the wild, Google provided security patches on Thursday.

The high-severity vulnerability, tracked as CVE-2024-4671, has been characterized as a use-after-free instance in the Visuals component. On May 7, 2024, an unidentified researcher made the discovery.

Use-after-free flaws can result in a variety of issues, such as a crash or unauthorized code execution, when a program refers a memory address after it has been deallocated.

“Google is aware that an exploit for CVE-2024-4671 exists in the wild,” the company stated in a brief alert, withholding further details about how the vulnerability is being used as a weapon in actual assaults or identifying the threat actors responsible.

Online safety
Google has fixed two actively exploited Chrome zero-days since the year’s beginning with the most recent release.

The tech giant fixed a potentially fatal out-of-bounds memory access vulnerability in the V8 JavaScript and WebAssembly engine earlier in January (CVE-2024-0519, CVSS score: 8.8).

To reduce possible risks, users are advised to update to Chrome versions 124.0.6367.201/.202 for Windows and macOS and 124.0.6367.201 for Linux.

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.