A critical vulnerability identified as CVE-2024-4761 has been discovered in the V8 engine of Google Chrome. This out-of-bounds write issue could allow a remote attacker to execute arbitrary code on a victim’s machine. The vulnerability was reported by an anonymous researcher on May 9, 2024. Google has promptly addressed this flaw in the latest stable channel update, version 124.0.6367.207/.208, which is now being rolled out across Mac, Windows, and Linux platforms. The Extended Stable channel for Mac and Windows has also been updated to the same version.
This security update is crucial as Google is aware of an exploit for CVE-2024-4761 existing in the wild. The company has restricted access to specific bug details and links to protect users until the majority have received the update. This measure is also applied if the vulnerability is present in third-party libraries that other projects depend on and haven’t yet been patched. Users are strongly encouraged to update their Chrome installations immediately to protect against potential exploits.
Google has expressed gratitude to the security researchers who contributed to identifying and addressing security issues during the development cycle. Their efforts have been instrumental in preventing many security bugs from reaching the stable channel. This collaborative approach underscores the importance of community involvement in enhancing cybersecurity.
For users interested in switching release channels or reporting new issues, Google provides resources and support through its community help forum and bug filing system. Keeping Chrome up-to-date is essential to maintain security and protect against newly discovered vulnerabilities. Users should stay vigilant and ensure their browsers are updated regularly to benefit from the latest security fixes and enhancements.
Reference:
