Property Abroad
Blog
Google is addressing the fifth actively exploited zero-day vulnerability in Chrome this year.

Google is addressing the fifth actively exploited zero-day vulnerability in Chrome this year.

Google is addressing the fifth actively exploited zero-day vulnerability in Chrome this year.

Since the beginning of 2024, Google has released an update aimed at addressing the fifth actively exploited zero-day vulnerability in the Chrome browser. This week, the company announced security fixes related to the vulnerability, which has been designatedCVE-2024-467This is already the fifth zero-day vulnerability that has been actively exploited by attackers since the beginning of this year. This vulnerability is related to a use-after-free issue and is present in the browser's rendering component. An anonymous researcher reported this flaw on May 7, 2024. An official notice from Google confirms that there is exploit code for it.CVE-2024-467In open channels. As is often the case, the tech giant did not provide detailed information on how exactly the attack exploiting this vulnerability is carried out.

The corporation promptly resolved this issue with updates version 124.0.6367.201 and 124.0.6367.202 for Mac and Windows operating systems, as well as 124.0.6367.201 for Linux. These updates will be gradually rolled out over the next few days and weeks.

Other zero-day vulnerabilities in the Chrome browser that were fixed this year:

  • CVE-2024-0519: memory access error outside the allowable range in the JavaScript engine of the Chrome browser. (January 2024)
  • CVE-2024-2887There is a type confusion issue present in WebAssembly.
The vulnerability was demonstrated by Manfred Paul at the Pwn2Own 2024 competition. (March 2024)
  • CVE-2024-2886There is a use-after-free vulnerability in WebCodecs. This vulnerability was demonstrated by Syunghun Lee (@0x10n) from Hacking Lab KAIST at Pwn2Own 2024. (March 2024)
  • CVE-2024-3159: memory access error out of bounds in the V8 JavaScript engine. The vulnerability was demonstrated by Eduard Boshin (@le_douds) and Tao Yan (@Ga1ois) from Palo Alto Networks during Pwn2Own 2024 on March 22, 2024. (March 2024)

    • Follow my updates on Twitter: @securityaffairs, as well as on Facebook and Mastodon. Pierluigi Paganini (SecurityAffairs – hacking, Google)

    We will find property for you

    • 🔸 Reliable new buildings and ready-made apartments
    • 🔸 Without commissions and intermediaries
    • 🔸 Online display and remote transaction

    Popular Posts

    Subscribe to the newsletter from Hatamatata.com!

    I agree to the processing of personal data and confidentiality rules of Hatamatata

    Need advice on your situation?

    Get a  free  consultation on purchasing real estate overseas. We’ll discuss your goals, suggest the best strategies and countries, and explain how to complete the purchase step by step. You’ll get clear answers to all your questions about buying, investing, and relocating abroad.

    Vector Bg
    Irina

    Irina Nikolaeva

    Sales Director, HataMatata