Google has recently released a gnashing in relations to a severe concern to all Chrome users, CVE-2024-7965 – this vulnerability is actively exploited. According to the report, the hole was found by a security researcher going by the name TheDog and could allow an attacker to run code on the Chrome browser through a constructed HTML page on the V8 JavaScript and WebAssembly engine. The vulnerability – classified as an “inappropriate implementation” flaw – poses a big risk to the users as it entails heap corruption.
Google actually released a patch in the last week that covered this problem and it has been confirmed that this vulnerability is being actively used in attack. This makes exploitation of the flaw a zero-day vulnerability, which means that users should upgrade their browsers to the most recent release possible. Chrome browser’s parent company has asked all users to upgrade to version 128 of the software. 0. 6613. 84/. 85 for Windows and macOS and version 128 for MacOS gets the same score as Windows. 0. 6613. 84 on Linux as a measure of preventing exploitation of the loophole that may lead to a further invasion of privacy or even damage of property.
This is not the first time that browser security issues are emerging with Google having fixed nine zero-day vulnerabilities in Chrome in early 2024. It is worth stating that the company remains active in the process of searching for the holes in the software, which can potentially pose certain risks to the users. The users are recommended to ensure they have the current version of the software and be cautious of the hackers who might be out to exploit the existing loopholes.
Google Issues Alert on Actively Exploited Chrome Vulnerability CVE-2024-7965
27-Aug-24