Google issues urgent Chrome update to patch zero-day vulnerability
Google has released an emergency security update for the Chrome browser for Windows, Mac, and Linux, and is urging all users of the browser to install it immediately.
The update is to fix CVE-2024-4671 which could allow remote access to data and Google confirms in Chrome's update notes that it is actively being exploited and therefore represents threat to your online security.
On the Chrome releases blog Google says, "The Stable channel has been updated to 124.0.6367.201/.202 for Mac and Windows and 124.0.6367.201 for Linux which will roll out over the coming days/weeks." The company also confirms they are, "aware that an exploit for CVE-2024-4671 exists in the wild."
To check if you're up to date go to About Chrome in the Settings menu, if it says 'Chrome is up to date -- Version 124.0.6367.202' you're all good. If not you need to allow Chrome to download the update, you'll then have to relaunch the browser to ensure you're protected.
Manas Chowdhury, VP of cloud security company AccuKnox, warns the new bug could let hackers exploit poorly managed memory to gain control of an affected device. "These vulnerabilities could cause anything from system crashes and corrupted data to, in the worst case scenario, attackers taking unauthorized access and control of a victim's system if they're cleverly exploited," Chowdhury says. "Google has confirmed that an exploit exists in the wild, making it a much more serious issue. Immediate action is needed to patch your system."
Image credit: PixieMe / Shutterstock