Security News Google Patches Another Zero-Day Vulnerability in Chrome

[lokamoka820]

Content source

https://www.bleepingcomputer.com/news/security/google-tags-a-tenth-chrome-zero-day-as-exploited-this-year/

Google has announced that it has patched the tenth zero-day vulnerability in its Chrome browser this year. A bug in the compiler backend of the V8 JavaScript engine caused the latest vulnerability, letting remote attackers exploit heap corruption from a crafted HTML page.

This latest zero-day vulnerability was tracked as CVE-2024-7965 and was reported by a security researcher known only as TheDog on July 30, 2024. Google has fixed the vulnerability in Chrome version 128.0.6613.84/.85 for Windows and macOS systems and version 128.0.6613.84 for Linux users. The update has been rolling out to all users on the Stable Desktop channel since Wednesday.

The last vulnerability, CVE-2024-7971, is also caused by a V8-type confusion weakness. Google has fixed both vulnerabilities in the same Chrome update. Both have been given a score of 8.8, which is high. While Google has confirmed that both vulnerabilities have been exploited in the wild, it hasn't shared more information regarding these attacks. The company has stated that it may keep details and links restricted until a majority of users are updated with a fix.

While you can wait for your browser to update automatically, it's always a good idea to check for updates yourself. To manually update, click the three dots at the top right of your Chrome browser. Then click Help > About Google Chrome. If you see a button labeled "Update Google Chrome," then an update is available; otherwise, you already have the most recent version of Chrome. If you update, make sure to completely close your browser and relaunch again.

This is the tenth zero-day vulnerability in Chrome that Google has patched this year. Other vulnerabilities that have been exploited include CVE-2024-0519, CVE-2024-2887, CVE-2024-2886, CVE-2024-3159, CVE-2024-4671, CVE-2024-4761, CVE-2024-4947, and CVE-2024-5274. As a result of each of these, Google has made sure to ask users to update their Chrome browsers to the latest version to protect themselves from these vulnerabilities.

 

[harlan4096]

Please, use quotes in posted security news, also selecting a few paragraphs and not the full article, thanks!

Also, in general for all users that usually posts news, check the forum rules of posting, thanks again.

 

[lokamoka820]

Please, use quotes in posted security news, also selecting a few paragraphs and not the full article, thanks!

Also, in general for all users that usually posts news, check the forum rules of posting, thanks again.

Thanks for the recommendation.

 

[lokamoka820]

Also, in general for all users that usually posts news, check the forum rules of posting, thanks again.

I searched for forum rules of posting, but I didn't find it, can you please send me a link, thank you.

 

[lokamoka820]

If you go to the bottom of the main forum webpage, you'll find them there

View attachment 285170

Thanks, you always give the hand.

 

[Jonny Quest]

Thanks, you always give the hand.

You're welcome Sorry, I deleted that post, as I wasn't sure if it was specifically what you were looking for, regarding how to post a news topic. But, there are also some nice links on the left hand side as well.

 

[lokamoka820]

You're welcome Sorry, I deleted that post, as I wasn't sure if it was specifically what you were looking for, regarding how to post a news topic. But, there are also some nice links on the left hand side as well.

I didn't read the rules yet, anyway I appreciate your help.