2024 has only just begun but a number of very concerning Chrome issues have already been discovered. A total of four browser bugs have been reported to Google with all of them being given a “High” rating which means they need to be taken seriously. In fact, one is so troublesome that it’s been given the dreaded “zero-day” rating which basically means it’s already been spotted by hackers and is being used in the wild to attack browsers.
That looming threat is why Google has rushed to fix the glitches so quickly and release an update to billions of users across the world.
“Google is aware of reports that an exploit for CVE-2024-0519 exists in the wild,” the company confirmed in a post on its Chrome update page.
An urgent fix is slowly being pushed out to all users globally and it’s vital you check your browser is now fully up to date.
If you are using a Mac you need to check that it has Chrome version 120.0.6099.234 installed. Those with a Windows PC will be safe once they have installed version 120.0.6099.224.
“The Stable channel has been updated to 120.0.6099.234 for Mac and 120.0.6099.224 for Linux and 120.0.6099.224/225 to Windows which will roll out over the coming days/weeks,” Google added.
To check your browser is up to date follow the steps below.
• On your computer, open Chrome.
• At the top right, click More
• Click Help. About Google Chrome.
• Click Update Google Chrome. Important: If you can’t find this button, you’re on the latest version.
• Click Relaunch
Explaining more about why this threat should be taken seriously, Mike Walters, President and co-founder of Action1, said: “Google is releasing urgent patches for the first 0-day of the 2024 in Chrome, which has been actively exploited since the beginning of the year. The high-severity vulnerability is being tracked as CVE-2024-0519 and is related to an out-of-bounds memory access issue.
Hackers can exploit out-of-bounds memory access vulnerabilities by creating a malicious website or a malicious advertisement.
Once the vulnerability is exploited, the attacker could potentially access sensitive information such as passwords, credit card numbers, or other personal data stored in the user’s browser.
