TapTechNews (May 11) reports that Google Chrome and Microsoft Edge have both released urgent updates to address a high-risk security vulnerability identified as CVE-2024-4671, marking it the fifth zero-day vulnerability proven to be exploited by hackers this year.
This critical vulnerability, tracked as CVE-2024-4671, exists within the Visuals component and is classified as a 'use-after-free' error. A 'use-after-free' error denotes a security flaw where a program continues to use a pointer to memory after it has been freed, leading to potential data leakage, code execution, or crashes if the freed memory has been repurposed or is being utilized by another software or component.
Google has rolled out updates for Chrome version 124.0.6367.201/.202 for Mac/Windows platforms, and 124.0.6367.201 for the Linux platform to patch this zero-day flaw. Microsoft also resolved this issue in today's release, version 124.0.2478.97.