"Exploited Chrome Zero-Day Patched by Google"

A Chrome 124 update released by Google recently patches a zero-day vulnerability that has an exploit that exists in the wild. The zero-day is tracked as CVE-2024-4671, and it has been described by Google as a high-severity use-after-free bug in the Visuals component. Google did not mention any information on the attacks exploiting the vulnerability. Chrome 124.0.6367.201/.202 for Mac and Windows and Chrome 124.0.6367.201 for Linux contain the patch for CVE-2024-4671. According to Google, this is the second Chrome vulnerability of 2024 that has been exploited in malicious attacks. The first is CVE-2024-0519, which the company patched in January.

SecurityWeek reports: "Exploited Chrome Zero-Day Patched by Google"