May 6, 2024

Google has addressed four vulnerabilities in its Chrome browser.

The most critical vulnerability, designated CVE-2024-4058. This flaw resides within ANGLE, a component of Chrome that translates graphics commands. If successfully exploited, it could allow attackers to execute arbitrary code on a victim’s machine, potentially leading to data theft, malware installation, or further system compromise.

Two other “high” severity vulnerabilities were also patched in this release:

  • CVE-2024-4059: An out-of-bounds read vulnerability in Chrome’s V8 JavaScript engine could potentially lead to the disclosure of sensitive information.
  • CVE-2024-4060: A use-after-free vulnerability in Dawn (Chrome’s WebGPU implementation) could be exploited for malicious purposes.
Advertisements

While Google hasn’t observed any active attacks leveraging these vulnerabilities, security experts often advise swift patching. Cybercriminals frequently reverse-engineer security updates to discover unpatched vulnerabilities, making it a race against time.

The recently released security updates – versions 124.0.6367.78/.79 for Windows and Mac and 124.0.6367.78 for Linux – are essential for protecting user data and system security. Users of the Extended Stable channel have also received these updates.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

Synlab Italia suffers a cyber incident

May 5, 2024

TheCyberThrone Security Week In Review – May 04, 2024

May 4, 2024

Microsoft initiative in response to CSRB

May 4, 2024

Aruba fixes several Critical Vulnerabilities

May 3, 2024

Dropbox suffers a Data Breach

May 3, 2024

Gitlab CVE-2023-7028 added to CISA KEV Catalog

May 2, 2024

Discover more from TheCyberThrone

Subscribe now to keep reading and get access to the full archive.

Continue reading