{"id":167403,"date":"2024-08-22T08:10:43","date_gmt":"2024-08-22T08:10:43","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=167403"},"modified":"2024-08-26T22:50:22","modified_gmt":"2024-08-26T22:50:22","slug":"9th-chrome-zero-day-2024-html","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/167403\/hacking\/9th-chrome-zero-day-2024-html.html","title":{"rendered":"Google addressed the ninth actively exploited Chrome zero-day this year"},"content":{"rendered":"
<\/div>\n

Google released emergency security updates to fix the ninth actively exploited Chrome zero-day vulnerability this year.<\/h2>\n\n\n\n

\u200b\u200bGoogle released an emergency security update to address a Chrome zero-day vulnerability, tracked as CVE-2024-7971, that is actively exploited.<\/p>\n\n\n\n

The vulnerability is a type confusion issue that resides in Chrome’s V8 JavaScript engine. <\/p>\n\n\n\n

“Google is aware that an exploit for CVE-2024-7971 exists in the wild.” reads<\/a> the advisory published by the company that did not share details about the attacks exploiting the issue. “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven\u2019t yet fixed.”.<\/em><\/gwmw><\/p>\n\n\n\n

“We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”<\/p>\n\n\n\n

Security researchers with the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) reported the flaw to Google.<\/p>\n\n\n\n

Google addressed the vulnerability with the release of 128.0.6613.84\/.85 for Windows\/macOS systems and version 128.0.6613.84 Linux. The company will release versions for all users in the Stable Desktop channel over the coming weeks.<\/p>\n\n\n\n

\u200bBelow is the list of actively exploited zero-day vulnerabilities in the Chrome browser that have been fixed this year:<\/p>\n\n\n\n