Google released a security update to address a new Chrome zero-day vulnerability, tracked as\u00a0CVE-2024-7965<\/a> (CVSS score 8.8), that is actively exploited.
“Google is aware that exploits for CVE-2024-7971 and CVE-2024-7965 exist in the wild.” reads<\/a>\u00a0the advisory published by the company that did not share details about the attacks exploiting the issue. “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven\u2019t yet fixed.”.<\/em><\/p>\n\n\n\n
The security researcher TheDog reported the flaw on 2024-07-30.<\/p>\n\n\n\n
Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/strong><\/a><\/p>\n\n\n\n
Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n
(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, Google)<\/strong>