{"id":163136,"date":"2024-05-14T10:53:46","date_gmt":"2024-05-14T10:53:46","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=163136"},"modified":"2024-05-16T13:02:44","modified_gmt":"2024-05-16T13:02:44","slug":"6th-chrome-zero-day-2024","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/163136\/hacking\/6th-chrome-zero-day-2024.html","title":{"rendered":"Google fixes sixth actively exploited Chrome zero-day this year"},"content":{"rendered":"
<\/div>\n

Google released emergency security updates to address an actively exploited Chrome zero-day vulnerability.<\/h2>\n\n\n\n

Google has released emergency security updates to address a high-severity zero-day vulnerability vulnerability, tracked as CVE-2024-4761, in the Chrome browser.<\/p>\n\n\n\n

The vulnerability is an out-of-bounds write issue that resides in the V8 JavaScript engine of the Google web browser. <\/p>\n\n\n\n

The company confirmed that the flaw is exploited in attacks in the wild.<\/p>\n\n\n\n

“CVE-2024-4761: Out of bounds write in V8. Reported by Anonymous on 2024-05-09″<\/em> reads the advisory<\/strong><\/a>. “<\/gwmw>Google is aware that an exploit for CVE-2024-4761 exists in the wild.”<\/gwmw><\/p>\n\n\n\n

The company addressed the zero-day flaw with the release of 124.0.6367.207\/.208 for Mac\/Windows and 124.0.6367.207 for Linux. Google will roll out updates to all users over the coming days\/weeks.<\/p>\n\n\n\n

The vulnerability CVE-2024-4671<\/a> is the sixth zero-day exploited in attacks fixed by the IT giant this year.<\/p>\n\n\n\n

As usual, Google did not publish details about the attacks exploiting the vulnerability.<\/p>\n\n\n\n

Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven\u2019t yet fixed<\/em>” continues the advisory.<\/p>\n\n\n\n

Below is the list of actively exploited zero-day flaws in the Chrome browser that have been fixed this year:<\/p>\n\n\n\n