Google Chrome Zero-day Vulnerability Exploited in the Wild (CVE-2024-4761)

Qualys Security Advisory

Google has released updates to address an actively exploited vulnerability in the Chrome browser. Tracked as CVE-2024-4761, Google has given the vulnerability a high severity rating. The out-of-bounds write vulnerability impacts the V8 JavaScript engine. The engine executes JS code in the application.

This is the sixth zero-day vulnerability fixed in 2024. The list includes:

Affected Versions

Google Chrome versions before 124.0.6367.207 are affected by this vulnerability.

Mitigation

Customers are requested to upgrade to the latest stable channel version 124.0.6367.207/.208 for Mac and Windows and 124.0.6367.207 for Linux.

In the coming weeks, Google will release Extended Stable channel version 124.0.6367.207 for Mac and Windows.

For more information, please refer to the Google Chrome Release Page.

Qualys Detection

Qualys customers can scan their devices with QID 379800 to detect vulnerable assets.

Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.

References
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html

READ MORE

Leave a Reply

Your email address will not be published. Required fields are marked *