Google Chrome developers have taken prompt action to address security concerns by releasing a patch that targets a newly discovered 0-day vulnerability, along with closing two additional serious loopholes. This proactive measure aims to enhance the browser’s security and protect users from potential risks.
CVE-2024-0519: Unauthorized Memory Access
The first vulnerability, identified as CVE-2024-0519, enabled unauthorized access to memory in the V8 browser engine. Exploiting this flaw could grant attackers access to sensitive information, circumvent ASLR protection, and induce browser crashes. Moreover, this vulnerability, when combined with others, could compel a victim’s computer to execute a specified program code. Although Google confirmed that hackers utilized this vulnerability in malware, specific details were not disclosed.
CVE-2024-0517 and CVE-2024-0518: Arbitrary Code Execution
The subsequent two vulnerabilities, CVE-2024-0517 and CVE-2024-0518, both facilitated the execution of arbitrary code on the victim’s PC. While the former focused on accessing memory, the latter relied on dynamic typing of JavaScript. Addressing these vulnerabilities is crucial to preventing remote execution of arbitrary code and safeguarding users against potential cyber threats, notes NIX Solutions.
Swift Updates for Enhanced Security
Users on Windows (120.0.6099.224/225), Linux (120.0.6099.224), and Mac (120.0.6099.234) can now benefit from the patched browser versions. These updates ensure a more secure browsing experience, emphasizing Google’s commitment to user safety and continuous improvement in the face of emerging cybersecurity challenges. Stay informed and update your Chrome browser to stay protected.