TapTechNews May 16 news, Google urgently released a security update for Chrome browser this Wednesday, focusing on fixing the vulnerability with tracking number CVE-2024-4947. This is the 3rd zero-day vulnerability discovered in the past 7 days that has been proven to be used for attacks, and the 7th zero-day vulnerability this year.
Google has released version 125.0.6422.60/.61 for Mac/Windows platforms and version 125.0.6422.60 for Linux platforms, and will complete the update deployment in the coming weeks.
Users who can't wait for Google's push can also go to the Chrome browser menu, open Help > About Google Chrome browser to check for updates, and restart to take effect after the update.
TapTechNews learned from the report that CVE-2024-4947 is a very high-risk zero-day vulnerability reported by Kaspersky's Vasily Berdnikov and Boris Larin, which exists in the Chrome V8 JavaScript engine and is caused by type confusion weakness.
Such vulnerabilities can often allow attackers to trigger browser crashes by reading or writing memory beyond buffer boundaries, and can also be used to execute arbitrary code on the target device.
Google confirmed that the CVE-2024-4947 vulnerability has been exploited, but the company has not shared more details about these events.