Chrome Critical Flaw Let Attackers Execute Arbitary Code : Patch Now


Google announced the release of Chrome 124, which fixes four vulnerabilities, including a critical security issue that allows attackers to execute arbitrary code.

Over the next few days or weeks, the Google Stable channel will be updated to 124.0.6367.78/.79 for Windows and Mac and 124.0.6367.78 for Linux.

Google said the Extended Stable channel has been updated to 124.0.6367.78/.79 for Mac and Windows and will be available over the next few days and weeks.

Critical Vulnerability Addressed

A critical security vulnerability is CVE-2024-4058, Type Confusion in ANGLE graphics layer engine.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

This vulnerability can be used remotely to execute arbitrary code or do limited user interaction sandbox escapes.

Typically, arbitrary code execution allows the attacker to enter a system without authorization or carry out operations beyond the authors’ intentions, which may result in data loss, corruption, or system compromise.

Google awarded a $16000 bounty after Toan (suto) Pham and Bao (zx) Pham of Qrious Secure reported this critical security flaw.

High Severity Vulnerabilities Addressed

Google fixed a high-severity vulnerability identified as Out-of-bounds read in V8 API, which was tracked as CVE-2024-4059.

Eirik discovered the vulnerability and reported it. Google Chrome withheld information regarding the reward for this issue.

Additionally, Google resolved a high-severity bug identified as CVE-2024-4060. Dawn, an open-source and cross-platform implementation of the WebGPU standard, contains a Use after Free condition. 

The flaw was discovered by wgslfuzz. Google Chrome withheld information regarding the reward for this issue.

Update Now!

To update the Chrome web browser, you have to follow a few simple steps that we have mentioned below:-  

  • Go to the Settings option.
  • Then select About Chrome.
  • Now, you must wait, as Chrome will automatically fetch and download the latest update.
  • Then, wait for the latest version to be installed.
  • Once the installation process is complete, you will have to restart Chrome.
  • That’s it. Now you are done.

Google recommends users update to the most recent version of Chrome as soon as possible to lessen security risks.

Combat Email Threats with Easy-to-Launch Phishing Simulations: Email Security Awareness Training -> Try Free Demo 



Source link