Several Chrome issues that threaten users have been discovered and reported to Google. More specifically four bugs were found including one so dangerous it was given a ‘zero-day’ rating meaning it needed to be fixed immediately as hackers had already begun exploiting the vulnerability. This emergency led to Google rushing to fix the issue and release an update to customers to keep them safe.
Discover our latest podcast
Memory corruption
The vulnerability in question was assigned as CVE-2024-0519, Google describes it as an out-of-bounds memory access issue in Chrome’s V8 JavaScrit engine according to Dark Reading. This means that when software attempts to access memory locations outside the boundaries assigned to it. In essence, this type of issue can be leveraged to gain access to sensitive data, modify it and potentially cause the entire infected system to crash or in worse cases remotely inject code that can execute anything hackers want.
Chrome has had a long track record of day-zero exploits plaguing the browser. From 2019 to 2024 the company has disclosed 43 bugs of this magnitude. These bugs affect not only the Chrome browser but other browsers based on Chromium technology such as Microsoft Edge and Brave as well.
Due to its popularity, Chrome is one of the most targeted browser technologies as it has taken over half of the worldwide market share. Browsers in general have slowly become targets for cyber attacks simply because of the amount of sensitive data they process on a day-to-day basis.
What should users do?
The first thing one needs to do is update their Chrome browser. Google has already released a version that patches this potential exploit. However, this is not enough to keep your browser experience safe. Users should always keep their software up to date whether it is on their phone or desktop. The recent expansion of cyberattacks on both private users and companies may only be an indication of further developments in the future. As such, exercise caution at all times when browsing the web.
Read more:
⋙ Cybersecurity: These 3 signs could indicate that your phone is infected with malware
⋙ Computers can now become infected by malware by viewing certain images, here's what we know
⋙ Android: Notorious malware that steals login info sneaks back on devices
Sources:
Dark Reading: Google Chrome Zero-Day Bug Under Attack, Allows Code Injection
The Hacker News: Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability