Advisory

Third one in a week: Google patches another actively exploited flaw in Chrome

Take action: Update your Chrome and Chromium-based browsers (Opera, Brave, Edge) as soon as possible. Yes, it's stupid to have to patch three times a week. Yet hackers are betting on our collective fatigue. Don't delay: the update is trivial and all your tabs are reopened automatically.


Learn More

Google Chrome has addressed its third actively exploited vulnerability within a week, after fixing CVE-2024-4761 and CVE-2024-4671.

The latest flaw, tracked as CVE-2024-4947 (CVSS score 8.8), is a type confusion vulnerability in Chrome’s V8 JavaScript and WebAssembly engine and has been actively exploited in the wild. Successful exploitation could enable arbitrary code execution, allowing attackers to install programs, view, change, or delete data, or create new accounts with full user rights, depending on the user's privileges.

The vulnerability has been fixed in Chrome versions 125.0.6422.60/.61 for Windows and Mac, and 125.0.6422.60 for Linux.

Google has not provided detailed information on the exploitation specifics but confirmed that the vulnerability has been actively used in attacks. This marks the seventh zero-day vulnerability patched by Google in Chrome this year.

Users of other Chromium-based browsers, including Microsoft Edge, Brave, and Opera, should be aware that their browsers might also be affected.

Users are advised to patch their Chrome/Chromium browsers as soon as possible.
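One way to triage a browser inventory against the fixed builds listed above; this is an added example, not part of the original advisory. The inventory record format, host names and sample version strings are constructed for illustration, and other Chromium-based browsers are routed to manual review because the advisory gives no fixed builds for them.

```python
import re

# Minimum fixed Chrome build per platform, as stated in the advisory (CVE-2024-4947).
FIXED = {
    "windows": (125, 0, 6422, 60),
    "mac": (125, 0, 6422, 60),
    "linux": (125, 0, 6422, 60),
}
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Extract a four-part version from strings such as 'Google Chrome 125.0.6422.60'."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None

def triage(record):
    """Classify one inventory record as 'patched', 'vulnerable' or 'review'."""
    if record["browser"].lower() not in ("chrome", "google chrome"):
        # Edge, Brave and Opera use their own version numbering, so the Chrome
        # threshold cannot be applied to them; check the vendor's release notes.
        return "review"
    fixed = FIXED.get(record["os"].lower())
    version = parse_version(record["version"])
    if fixed is None or version is None:
        return "review"  # unknown platform or unparseable version string
    # Compare as integer tuples: a plain string comparison would rank
    # '125.0.6422.9' above '125.0.6422.60' and '125.0.6422.112' below it.
    return "patched" if version >= fixed else "vulnerable"

def report(inventory):
    """Map each host to its triage result."""
    return {r["host"]: triage(r) for r in inventory}

# Constructed sample inventory (hosts and versions are illustrative only).
INVENTORY = [
    {"host": "ws-01", "os": "Windows", "browser": "Chrome", "version": "Google Chrome 124.0.6367.207"},
    {"host": "ws-02", "os": "Windows", "browser": "Chrome", "version": "125.0.6422.61"},
    {"host": "mb-03", "os": "Mac", "browser": "Chrome", "version": "125.0.6422.9"},
    {"host": "lx-04", "os": "Linux", "browser": "Chrome", "version": "125.0.6422.112"},
    {"host": "ws-05", "os": "Windows", "browser": "Edge", "version": "124.0.2478.97"},
    {"host": "lx-06", "os": "Linux", "browser": "Chrome", "version": "unknown"},
]

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```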
