Google Patched Another Chrome Zero-Day Under Active Attack

Google rolled out another important security update for its Chrome browser as it addressed a zero-day vulnerability. The tech giant admitted detecting active exploitation of the flaw, making it necessary for the users to update their devices with the latest Chrome releases at the earliest.

Latest Google Chrome Release Fix Another Zero-Day Under Attack

Reportedly, Google addressed a high-severity zero-day vulnerability in its Chrome browser with the latest update. The vulnerability, like most other Chrome flaws, went under attack before Google could release a patch.

Specifically, the vulnerability is described as a type confusion flaw in the V8 component. The vulnerability, identified as CVE-2024-5274, received a high-severity rating. The flaw first caught the attention of two Google researchers, Clément Lecigne of Google’s Threat Analysis Group and Brendon Tiszka of Chrome Security, following which, the developers worked on patching the flaw. Google confirmed detecting active exploitation of the vulnerability in its Chrome release update.

The vulnerability affected both desktop and Android Chrome versions, consequently receiving the patch with the latest updates. According to the updates, Google patched the flaws with Chrome for Desktop version 125.0.6422.112/.113 for Windows and Mac, and 125.0.6422.112 for Linux, and Chrome for Android version 125 (125.0.6422.112/.113), respectively.

Google keeps addressing security issues with its Chrome browser as it detects to provide users with a safer browsing experience. With the recent decision to roll out weekly security updates for the Chrome browser, the tech giant takes another step towards alleviating potential security risks and their impact on the users in case of active exploitation attempts. However, since these vulnerabilities often pose a serious threat to the users, it is imperative for the users to update their devices as soon as possible.

The recent update comes days after another security fix for Chrome, also addressing a zero-day vulnerability under active attack.

Let us know your thoughts in the comments.

Related posts

NachoVPN Attack Risks Corporate VPN Clients

Sweet Security Introduces Evolutionary Leap in Cloud Detection and Response, Releasing First Unified Detection & Response Platform

Anti-Spam WordPress Plugin Vulnerabilities Risked 200K+ Websites