• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
new chrome zero day vulnerability cve 2024 4761 under active exploitation

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

You are here: Home / General Cyber Security News / New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation
May 14, 2024

Google on Monday transported emergency fixes to handle a new zero-working day flaw in the Chrome web browser that has appear beneath energetic exploitation in the wild.

The significant-severity vulnerability, tracked as CVE-2024-4761, is an out-of-bounds publish bug impacting the V8 JavaScript and WebAssembly motor. It was claimed anonymously on May 9, 2024.

Out-of-bounds compose bugs could be typically exploited by malicious actors to corrupt info, or induce a crash or execute arbitrary code on compromised hosts.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“Google is knowledgeable that an exploit for CVE-2024-4761 exists in the wild,” the tech large claimed.

Cybersecurity

Further specifics about the nature of the attacks have been withheld to reduce additional threat actors from weaponizing the flaw.

The disclosure comes simply times right after the corporation patched CVE-2024-4671, a use-just after-cost-free vulnerability in the Visuals component that has been exploited in actual-globe attacks.

With the hottest repair, Google has resolved a full of six zero-days given that the start off of the yr, a few of which have been shown at the Pwn2Own hacking contest in Vancouver in March –

  • CVE-2024-0519 – Out-of-bounds memory obtain in V8 (actively exploited)
  • CVE-2024-2886 – Use-just after-absolutely free in WebCodecs
  • CVE-2024-2887 – Variety confusion in WebAssembly
  • CVE-2024-3159 – Out-of-bounds memory accessibility in V8
  • CVE-2024-4671 – Use-following-totally free bug in Visuals (actively exploited)

Customers are proposed to update to Chrome variation 124..6367.207/.208 for Windows and macOS, and model 124..6367.207 for Linux to mitigate opportunity threats.

Consumers of Chromium-based browsers such as Microsoft Edge, Courageous, Opera, and Vivaldi are also advised to apply the fixes as and when they turn into offered.

Uncovered this posting attention-grabbing? Abide by us on Twitter  and LinkedIn to read through extra exceptional written content we write-up.


Some components of this posting are sourced from:
thehackernews.com

Previous Post: «critical flaws in cacti framework could let attackers execute malicious Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code
Next Post: VMware Patches Severe Security Flaws in Workstation and Fusion Products vmware patches severe security flaws in workstation and fusion products»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
  • PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution
  • Securing Data in the AI Era
  • Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
  • Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals
  • CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises
  • Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
  • Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
  • Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
  • What Security Leaders Need to Know About AI Governance for SaaS

Copyright © TheCyberSecurity.News, All Rights Reserved.