Google Discovers Fourth Zero-Day in Less Than a Month

  /     /     /  
Publicated : 23/11/2024   Category : security


Google Discovers Fourth Zero-Day in Less Than a Month


The tech company has rolled out fixes for a type confusion vulnerability that has already been exploited by malicious actors.



Google has
released an update
from its Chrome team for a high-severity security flaw, tracked as CVE-2024-5274, that actively exists in the wild.
The bug is classified as critical and is a type confusion vulnerability in the V8 JavaScript and WebAssembly engine.
These type confusion vulnerabilities, also known as
type manipulation
, can occur when a threat actor modifies a variable in order to trigger an unintended action. This can enable a threat actor to cause a crash, execute arbitrary code, or access control bypasses, among other capabilities.
The vulnerability was reported by two researchers: Google Threat Analysis Groups Clément Lecigne and Chrome Securitys Brendon Tiszka.
This is the
fourth zero-day vulnerability
that Google has had to patch this month alone. The other vulnerabilities include CVE-2024-4947, CVE-2024-4761, and CVE-2024-4671.
Google recommends that Windows and macOS users upgrade to Chrome version 125.0.6422.112/.113 and Linux users to version 125.0.6422.112. Chromium-based users should apply fixes as they become available, Google added.

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Google Discovers Fourth Zero-Day in Less Than a Month