Google Chrome Zero-day Vulnerability Exploited in the Wild (CVE-2024-4671)

Qualys Security Advisory

Google has released updates to address an actively exploited vulnerability in the Chrome browser. Tracked as CVE-2024-4671, Google has given the vulnerability a high severity rating. The use-after-free vulnerability exists in the Visuals component. In the advisory, Google mentioned that they are aware of the active exploitation of the vulnerability.

Affected Versions

Google Chrome versions before 124.0.6367.201 are affected by this vulnerability.

Mitigation

Customers are requested to upgrade to the latest stable channel version 124.0.6367.201/.202 for Mac and Windows and 124.0.6367.201 for Linux.

In the coming weeks, Google will release Extended Stable channel 124.0.6367.201 for Mac and 120.0.6099.225 for Windows.

For more information, please refer to the Google Chrome Release Page.

Qualys Detection

Qualys customers can scan their devices with QID 379767 to detect vulnerable assets.

Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.

References
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html

READ MORE

Leave a Reply

Your email address will not be published. Required fields are marked *