Update your Chrome browser ASAP. Google has confirmed a zero-day exploited in the wild
Google has released a critical security update for the Chrome web browser. The zero-day flaw, CVE-2024-4671, is a "use-after-free" vulnerability in Chrome's Visuals component.
You might be asking, "what is Chrome's Visuals component?" In short, it's the part responsible for rendering and displaying content in the browser. Everyone uses a browser to open content, so everyone's vulnerable.
Specifically, the vulnerability enables an attacker to exploit out-of-bounds memory access. In English, that means if you go to a website with a malicious webpage, it can foul up your computer. It doesn't matter if your machine's running Linux, macOS, or Windows. This security hole is an equal-opportunity troublemaker.
Discovered by an anonymous researcher and reported directly to Google, CVE-2024-4671 has a Common Vulnerability Scoring System (CVSS) rating of 8.8, which means it's a serious vulnerability.
