Google issues emergency Chrome update to patch critical new vulnerability - SiliconANGLE (2024)

Table of Contents
Google issues emergency Chrome update to patch critical new vulnerability Your vote of support is important to us and it helps us keep the content FREE. One click below supports our mission to provide free, deep, and relevant content. Join our community on YouTube Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts. FAQs

Google issues emergency Chrome update to patch critical new vulnerability - SiliconANGLE (1) SECURITY

Google LLC has released a new emergency Chrome browser security update following the emergence of a new zero-day security vulnerability that is being exploited in the wild.

Tracked as CVE-2024-4947, the zero-day vulnerability is a “type confusion bug” in V8 in Google Chrome prior to version 125.0.6422.60 that allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. V8 is the JavaScript engine in Chrome and the vulnerability could allow an attacker to undertake unauthorized actions within the browser, potentially leading to further attacks.

The specific vulnerability was not the only one addressed in the release, with Google also patching Chome against eight other vulnerabilities. Among them wasCVE-2024-4948, which allowed a remote attacker to potentially exploit heap corruption, a memory management error, via a crafted HTML page.

Google is advising users to upgrade to Chrome version 125.0.6422.60/.61 for Windows and macOS and version 125.0.6422.60 for Linux to mitigate potential threats if their browsers are not set to automatically update. Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera and Vivaldi are also advised to check for updates from their respective browser providers that address the same vulnerabilities found in Chrome.

Patrick Tiquet, vice president of security and architecture at cybersecurity company Keeper Security Inc., told SiliconANGLE that these high-security flaws are serious and should be patched immediately.

“With CVE-2024-4947 actively being exploited in the wild, remote attackers are able to execute arbitrary code on affected systems, potentially compromising them entirely and allowing for data theft, system manipulation, or further exploitation, making it critical for Chrome users to update their browsers as soon as possible,” Tiquet said.

Lionel Litty, chief security architect at cloud security startup Menlo Security Inc., said the need to patch Chrome“is a reflection of attackers continuing to focus on browsers in general and Chrome in particular as their most prized target.”

“An exploitable bug in Chrome often means the ability to target not only the vast numbers of Chrome users on desktop and Android, but also the users of Edge and other more niche browsers that are also based on Chromium,” Litty added.

Image: ChatGPT 4o

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBEis an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate thecontent you create as well” – Andy Jassy

THANK YOU

See Also
What Is Remote Code Execution (RCE)?
Google issues emergency Chrome update to patch critical new vulnerability - SiliconANGLE (2024)

FAQs

Does Chrome have a serious security vulnerability? ›

CVE-2024-7971—the vulnerability that has been successfully attacked—is a type confusion in V8, a typical memory issue for a Chrome zero-day, which “allows a remote attacker to exploit heap corruption via a crafted HTML page.” This means an attacker can potentially exploit this to destabilize a PC, compromise data or ...

Read On
What vulnerability was detected Google Chrome? ›

OVERVIEW: Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.

Discover More Details
What is Chrome zero-day vulnerability 2024? ›

Technical details on the zero-day vulnerability

The zero-day vulnerability which is being fixed here is referred to as CVE-2024-7971: a type confusion in V8 in Google Chrome which allowed a remote attacker to exploit heap corruption via a crafted HTML page.

Continue Reading
Does my Chrome need to be updated? ›

To check if your Chrome is up-to-date, tap the three-dot menu on the top right and head to Settings. Click on Privacy and security → Safety Check.

See Details
Is Chrome being hacked? ›

The warning highlights multiple vulnerabilities in Google Chrome that could allow remote attackers to execute arbitrary code on targeted systems. To avoid these targeted attacks, users are strongly advised to update their browsers immediately.

Find Out More
Why is Chrome giving me a security warning? ›

Phishing and malware detection is turned on by default in Chrome. When you encounter phishing, malware, unwanted software, or social engineering sites, you may get a red warning that says "Dangerous site." If you see this warning, we recommend that you don't visit the site.

Tell Me More
Has my Chrome been hijacked? ›

Unwanted extensions: You are seeing new, unwanted programs on your web browser that you didn't install. These might be toolbars, extensions, or add-ons that popped up seemingly out of nowhere. If you experience these signs of malware, you may be dealing with a browser hijacker.

Show Me More
How can I tell if I have spyware on Chrome? ›

Browser symptoms
  1. Alerts about a virus or an infected device.
  2. Pop-up ads and new tabs that won't go away.
  3. Unwanted Chrome extensions or toolbars keep coming back.
  4. Your browsing seems out of your control, and redirects to unfamiliar pages or ads.
  5. Your Chrome homepage or search engine keeps changing without your permission.

Explore More
Is the Chrome virus warning real? ›

Pop-ups on web pages or in your browser are always fake. 📌 Note: Don't mix up virus alerts with browser security warnings. Browsers often warn you about unsafe websites, but those aren't virus alerts.

Continue Reading
Why are zero-day vulnerabilities a problem? ›

Many of these impair the security of the system and are thus vulnerabilities. Although the basis of only a minority of cyberattacks, zero-days are considered more dangerous than known vulnerabilities because there are fewer countermeasures possible.

Show Me More

What is the new Google Chrome zero-day vulnerability being exploited in the wild? ›

"Google is aware that an exploit for CVE-2024-7971 exists in the wild," the company said in an advisory published on Wednesday. This high-severity zero-day vulnerability is caused by a type confusion weakness in Chrome's V8 JavaScript engine.

Read The Full Story
Which browsers have zero-day vulnerability? ›

0.0 Day” vulnerability. This vulnerability allows malicious websites to bypass browser security and interact with services running on an organization's local network, potentially leading to unauthorized access and remote code execution on local services by attackers outside the network.

See Details
What is the newest version of Chrome? ›

Google Chrome
Windows, macOS, Linux128.0.6613.137/138 / 10 September 2024
Windows Server 2012/2012 R2109.0.5414.165 / 13 September 2023
Android128.0.6613.127 / 4 September 2024
iOS129.0.6668.46 / 11 September 2024
Extended Support Release128.0.6613.138 / 10 September 2024

Get More Info Here
What happens if you can't update Chrome? ›

What to do if Chrome won't update. If your Chrome app won't update and you're seeing an error message, try removing extensions that you don't use — this may also help speed up your browser. If Chrome still won't update, try uninstalling Chrome completely and reinstalling it from the official Google Chrome site.

Continue Reading
What is the difference between Google and Google Chrome? ›

Google and Google Chrome are two essential elements of the modern internet landscape, often used interchangeably but serving distinct functions. Google is a global technology company best known for its search engine, while Google Chrome is a web browser developed by Google to access the internet and view web pages.

View More
Is Chrome bad for security? ›

Chrome continuously checks if your browser is set up securely. It makes sure you have the latest security updates, checks your passwords and extensions for potential security risks, and resets permissions from unused sites to protect your privacy.

View Details
Does Chrome have built in virus protection? ›

Chrome is secure by default, protecting you from dangerous and deceptive sites that might steal your passwords or infect your computer. Advanced technologies, such as site isolation, sandboxing, and predictive phishing protections, keep you and your data safe.

See More
Which browser has the most vulnerabilities? ›

A research revealed that Google Chrome is the most vulnerable browser in 2022 with 303 vulnerabilities so far.

Learn More
Is Chrome a safe operating system? ›

Built-in security, out of the box

ChromeOS has features like verification at boot, a read-only OS that blocks executables, data encryption, sandboxing, and more.

Discover More Details
Top Articles
Heating: low and long or timed bursts
Tier 5 And TS/SCI
The Blackening Showtimes Near Century Aurora And Xd
Fan Van Ari Alectra
Bleak Faith: Forsaken – im Test (PS5)
Trevor Goodwin Obituary St Cloud
How Much Does Dr Pol Charge To Deliver A Calf
Limp Home Mode Maximum Derate
Ross Dress For Less Hiring Near Me
Top Financial Advisors in the U.S.
David Packouz Girlfriend
Jesse Mckinzie Auctioneer
Oppenheimer & Co. Inc. Buys Shares of 798,472 AST SpaceMobile, Inc. (NASDAQ:ASTS)
Amateur Lesbian Spanking
Infinite Campus Parent Portal Hall County
Wildflower1967
Truck Toppers For Sale Craigslist
Studentvue Columbia Heights
2 Corinthians 6 Nlt
Www.publicsurplus.com Motor Pool
Why Should We Hire You? - Professional Answers for 2024
Hobby Stores Near Me Now
Imouto Wa Gal Kawaii - Episode 2
Hdmovie2 Sbs
Obituaries Milwaukee Journal Sentinel
27 Modern Dining Room Ideas You'll Want to Try ASAP
Package Store Open Near Me Open Now
417-990-0201
Kelley Fliehler Wikipedia
Tmj4 Weather Milwaukee
What Time Does Walmart Auto Center Open
Tas Restaurant Fall River Ma
Academic important dates - University of Victoria
Planet Fitness Santa Clarita Photos
Rage Of Harrogath Bugged
Michael Jordan: A timeline of the NBA legend
The Banshees Of Inisherin Showtimes Near Reading Cinemas Town Square
062203010
Arcane Bloodline Pathfinder
8776725837
Lady Nagant Funko Pop
Brown launches digital hub to expand community, career exploration for students, alumni
Iupui Course Search
Crystal Glassware Ebay
Menu Forest Lake – The Grillium Restaurant
La Qua Brothers Funeral Home
Dobratz Hantge Funeral Chapel Obituaries
Minterns German Shepherds
Tito Jackson, member of beloved pop group the Jackson 5, dies at 70
El Patron Menu Bardstown Ky
Ciara Rose Scalia-Hirschman
Latest Posts
PayPal instant transfer: Fees, limits and types
Complete Guide To Mine Tron For Beginners
Article information

Author: Barbera Armstrong

Last Updated:

Views: 6114

Rating: 4.9 / 5 (59 voted)

Reviews: 82% of readers found this page helpful

Author information

Name: Barbera Armstrong

Birthday: 1992-09-12

Address: Suite 993 99852 Daugherty Causeway, Ritchiehaven, VT 49630

Phone: +5026838435397

Job: National Engineer

Hobby: Listening to music, Board games, Photography, Ice skating, LARPing, Kite flying, Rugby

Introduction: My name is Barbera Armstrong, I am a lovely, delightful, cooperative, funny, enchanting, vivacious, tender person who loves writing and wants to share my knowledge and understanding with you.