Google Releases Security Update for Vulnerability CVE-2024-4761

Security update addresses one high severity vulnerability in Google Chrome that has an exploit in the wild

Threat ID:: CC-4489
Threat Severity:: Medium
Published:: 14 May 2024 4:03 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Security update addresses one high severity vulnerability in Google Chrome that has an exploit in the wild

Affected platforms

The following platforms are known to be affected:

Google Chrome for Windows, macOS and Linux

All prior to 124.0.6367.207/.208 for Windows
All prior to 124.0.6367.207/.208 for Mac
All prior to 124.0.6367.207 for Linux

Threat details

Be aware of a similarly-named exploited vulnerability

The two recent exploited vulnerabilities are:

CVE-2024-4671, covered in CC-4488, is a vulnerability that relates to a use after free condition in Visuals
CVE-2024-4761, covered in this Cyber Alert, is an out-of-bounds write in V8

Introduction

Google has released a security update which addresses a high severity vulnerability in Google Chrome for Windows, Mac, and Linux.

The high severity vulnerability, designated as CVE-2024-4761, relates to an out of bounds write in V8. This could allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.

Exploit for CVE-2024-4761 in the wild

Google acknowledges that an exploit for CVE-2024-4761 exists in the wild

Remediation advice

Affected organisations are encouraged to review the Chrome Release 124.0.6367.207 advisory and apply the necessary updates to the latest release.

Definitive source of threat updates

https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html

CVE Vulnerabilities

Status Published

CVE-2024-4761

Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Last edited: 14 May 2024 4:03 pm