A new Google security update offered this week keeps hackers from exploiting a known weakness in the world’s most popular web browser.
Google has been releasing timely security updates in rapid succession over the last few weeks, suggesting bad actors have been busier than normal abusing weaknesses in the world’s most popular web browser.
Whether you use Chrome on a Windows PC, Mac or Linux machine, the new version ensures safety from exploits leveraging a new security bug in the browser’s JavaScript and WebAssembly engine, according to a notice from Google.
Tracked as CVE-2024-5274, the V8 type-confusion vulnerability can be used to deploy targeted attacks on unpatched instances of Chrome used by people worldwide.
The internet giant refrains from detailing how the bug can be exploited to compromise end users’ data – giving everyone a chance to patch up before hackers start abusing the weakness. However, the tech behemoth cautions that bad actors are already capitalizing on the security hole.
“Google is aware that an exploit for CVE-2024-5274 exists in the wild,” reads the advisory.
Motivated threat actors have historically used zero-day flaws like this one to chain together exploits capable of running data-stealing malware, like spyware.
Bitdefender recommends deploying the latest security updates from your software/device vendor as soon as they’re available. Keeping your devices updated ensures you have the latest security patches applied, greatly reducing the attack surface for hackers.
To update your Chrome browser to the latest version, simply visit Settings -> About Chrome and let the app fetch the latest version for you. When prompted, relaunch Chrome.
A patched Chrome instance at this time should be version 125.0.6422.112/.113 for Windows and Mac, and 125.0.6422.112 for Linux. Chrome for Android has also received this timely security fix as version 125.0.6422.112/.113.
For peace of mind, consider running a dedicated security solution on your computer and smartphone.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsDecember 24, 2024
December 19, 2024
November 14, 2024