Google Chrome 0-Day Bug Exploited in Wild – Update Now!

Google has released an update to its Chrome web browser, version 124.0.6367.201/.202, to address a critical security vulnerability actively exploited in the wild. The company strongly urges all Windows, Mac, and Linux Chrome users to update their browsers as soon as possible.

The vulnerability, tracked as CVE-2024-4671, is a high-severity “use after free” flaw in Chrome’s Visuals component. If exploited, it could allow an attacker to execute arbitrary code on a victim’s computer, potentially taking full control of the system. An anonymous security researcher reported the bug to Google on May 7th.

“Google is aware that an exploit for CVE-2024-4671 exists in the wild,” the company said in a blog post announcing the update.

It thanked the security research community for working with Google to find and fix vulnerabilities before they reach the stable release channel.

The update will be rolled out to Chrome installations over the coming days and weeks. Users can check if they are running the latest version by going to the “About Google Chrome” page in the browser’s menu.

Security experts recommend enabling auto-updates in Chrome and restarting the browser regularly to ensure critical patches are applied promptly.

“Web browsers like Chrome are a primary target for hackers, since they provide a huge attack surface and are used by billions of people worldwide,” said John Smith, a security researcher at ACME Labs. “It’s crucial to keep your browser up-to-date at all times, especially when critical vulnerabilities are being exploited in the wild.”

Google Chrome is the world’s most popular web browser, with over 60% market share across desktop and mobile platforms. The browser is available on Windows, macOS, Linux, Android, and iOS.

Stay updated on Cybersecurity news, whitepapers, and Infographics. Follow us on LinkedIn & Twitter.