Google has released a security update for the Chrome browser to fix a zero-day vulnerability exploit that has been used by threat actors. This is the fifth time this year the company has had to issue a patch for one of these vulnerabilities, as reported by Bleeping Computer.
"Google is aware that an exploit for CVE-2024-4671 exists in the wild," the company said in a short advisory. It did not issue any specifics as to the nature of the real-world attack or the identity of the threat actors. This is common for Google, as it likes to wait until a majority of users have updated the software before announcing specific details.
We do know some stuff about the exploit. It’s being classified as a “high-severity issue” and as a “user after free” vulnerability. These bugs arise when a program references a memory location after it has been deallocated, leading to any number of serious consequences from a crash to a random execution of code. It looks like the CVE-2024-4671 vulnerability is
