Chrome users worldwide should ensure they have the latest version installed, as it addresses two important security vulnerabilities said to be exploited by threat actors in the wild.
Google last week rolled out Chrome 128 for desktop and mobile users, listing a wide range of security fixes in the world’s most popular web browser. Among those, a weakness in the browser’s V8 JavaScript engine, tracked as CVE-2024-7971, was said to have a working exploit that hackers could leverage to illicit ends.
This week, the web giant amended that blog entry to describe a second V8 flaw, tracked as CVE-2024-7965, which was recently deemed not just exploitable, but already exploited in the wild.
“Google is aware that exploits for CVE-2024-7971 and CVE-2024-7965 exist in the wild,” reads the updated text.
Users should be on version 128.0.6613.84/.85 on Windows and Mac, and version 128.0.6613.84 on Linux computers. Chrome 128.0.6613.88 for Android contains the same fixes, while Chrome for iOS 128.0.6613.92 only packs the usual “stability and performance improvements.”
Unlike last week’s warning, this time Google confirms that threat actors are actively exploiting these particular weaknesses, meaning users are strongly advised to update their Chrome browsers the first chance they get.
To make sure you’re on the latest version, visit the settings menu, choose About Chrome, let the app fetch the latest update from Google’s servers, then relaunch Chrome.
Mobile users can simply grab the latest release from their app stores.
As always, Bitdefender strongly recommends you deploy security updates the moment they’re available – especially when the vulnerabilities addressed are labelled serious, or potentially exploited by threat actors in the wild.
Staying up to date greatly reduces the attack surface for hackers, as most maintenance updates include important security fixes.
Unpatched flaws in Google Chrome have been known to lead to spyware infections in targeted attacks.
For peace of mind, consider a dedicated security solution for your personal devices.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsDecember 27, 2024
December 24, 2024
December 19, 2024