Google releases emergency fix for new Chrome zero-day flaw

Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild.

Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024.

Use-after-free bugs, which arise when a program references a memory location after it has been deallocated, can lead to any number of consequences, ranging from a crash to arbitrary code execution.

"Google is aware that an exploit for CVE-2024-4671 exists in the wild," the company said in a terse advisory without revealing additional specifics of how the flaw is being weaponized in real-world attacks or the identity of the threat actors behind them.

Chrome automatically updates when new releases become available. Users can force the update or confirm they're running the latest version by going to Settings > About Chrome and checking the version and, if needed, clicking on the Relaunch button.

Read more -here-

• Nintendo's new Switch 2 console to be released in 2025
• TikTok prepares to shut down app in US on Sunday
• Meta to lay off 5% of workforce amid AI investments
• ChatGPT can now handle reminders and to-dos
• T-Mobile to acquire digital advertising leader Vistar Media for $600M
• Netgear expands WiFi 7 home networking portfolio with Orbi 870 series mesh system