CVE-2024-4671
Published 2024-05-14
CVE-2024-4671: Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a…
Priority P187 · critical · CVSS 3.1: 9.6
AV:N / AC:L / PR:N / UI:R / S:C / C:H / I:H / A:H
KEV · ITW
CISA Known Exploited Vulnerability · due 2024-06-03
Exploited in the wild
EPSS: 8.35% (94.3th percentile)
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 124.0.6367.201-1~deb12u1 | 124.0.6367.201-1~deb12u1 |
| chromium | chromium | >= 0 < 124.0.6367.201-1 | 124.0.6367.201-1 |
| chromium | chromium | >= 0 < 124.0.6367.201-1 | 124.0.6367.201-1 |
| debian | chromium | < chromium 124.0.6367.201-1~deb12u1 (bookworm) | chromium 124.0.6367.201-1~deb12u1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
|  | chrome | < 124.0.6367.201 | 124.0.6367.201 |
|  | chrome | >= 124.0.6367.201 < 124.0.6367.201 | 124.0.6367.201 |
|  | chrome_chrome | — | — |
| msrc | microsoft_edge | — | — |
Detection & IOCs (extracted from sources)
- Detect malicious iframes injected into legitimate Mongolian government websites (mfa.gov.mn, cabinet.gov.mn) pointing to attacker-controlled domains track-adv[.]com or ceo-adviser[.]com via obfuscated JavaScript.
- Monitor for client-side indexedDB creation with the database name 'tracker', which is used by the Chrome exploit chain to store attack stage/status information.
- Look for HTTP requests containing the 'tt=' parameter with a 24-character alphanumeric unique identifier across all stages of the exploit chain, as this is a consistent C2 tracking pattern.
- The Chrome exploit chain targets Android users running Chrome versions m121 to m123; prioritize detection and patching on Android Chrome in that version range.
- The exploit uses ECDH key exchange for stage encryption (unlike prior campaigns using a static key from C2); network traffic showing ECDH key negotiation before exploit delivery is a behavioral indicator.
- The exploit chain only targeted Android users running Chrome versions m121–m123; users on patched versions (124.0.6367.201+) or non-Android platforms were not the intended targets of the CVE-2024-4671 sandbox escape.
CVSS provenance
nvd · v3.1 · 9.6 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
osv · 9.6 CRITICAL
vulncheck · 9.6 CRITICAL
cisa · 9.6 CRITICAL
vendor_debian · 9.6 CRITICAL
vendor_msrc · 9.6 CRITICAL
vendor_redhat · 9.6 CRITICAL
OSV
CVE-2024-4671: Use after free in Visuals in Google Chrome prior to 124
osv·2024-05-14·CVSS 9.6
CVE-2024-4671 [CRITICAL] CVE-2024-4671: Use after free in Visuals in Google Chrome prior to 124
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
GHSA
GHSA-gg58-4q4g-xvcw: Use after free in Visuals in Google Chrome prior to 124
ghsa_unreviewed·2024-05-14
CVE-2024-4671 [CRITICAL] CWE-416 GHSA-gg58-4q4g-xvcw: Use after free in Visuals in Google Chrome prior to 124
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
VulnCheck
Google Chromium Visuals Use-After-Free Vulnerability
vulncheck·2024·CVSS 9.6
CVE-2024-4671 [CRITICAL] CWE-416 Google Chromium Visuals Use-After-Free Vulnerability
Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Affected: Google Chromium
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html; https://www.hivepro.com/threat-advisory/google-chrome-fixes-zero-day-cve-2024-4671-exploited-
Microsoft
Chromium: CVE-2024-4671 Use after free in Visuals
vendor_msrc·2024-05-14·CVSS 9.6
CVE-2024-4671 [CRITICAL] Chromium: CVE-2024-4671 Use after free in Visuals
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Google is aware that an exploit for CVE-2024-4671 exists in the wild.
FAQ:
| Microsoft Edge Channel | Microsoft Edge Version | Date Released | Based on Chromium Version |
|---|---|---|---|
| Stable | 124.0.2478.97 | 5/10/2024 | 124.0.6367.155/.156 |
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vuln
CISA
Google Chromium Visuals Use-After-Free Vulnerability
cisa·2024-05-13·CVSS 9.6
CVE-2024-4671 [CRITICAL] CWE-416 Google Chromium Visuals Use-After-Free Vulnerability
Vulnerability: Google Chromium Visuals Use-After-Free Vulnerability
Affected: Google Chromium
Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes: https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html?m=1; https://nvd.nist.gov/vuln/detail/CVE-2024-4671
Remediation Due Date: 2024-06-03
Chrome
Long Term Support Channel Update for ChromeOS: CVE-2024-4671
vendor_chrome·2024-05-13·CVSS 9.6
CVE-2024-4671 [CRITICAL] Long Term Support Channel Update for ChromeOS: CVE-2024-4671
Long Term Support Channel Update for ChromeOS
CVE-2024-4671
Red Hat
chromium-browser: use after free in Visuals
vendor_redhat·2024-05-10·CVSS 9.6
CVE-2024-4671 [CRITICAL] CWE-416 chromium-browser: use after free in Visuals
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
A use after free vulnerability was found in the Chromium web browser.
Statement: Chromium is not shipped in any supported Red Hat offerings.
Mitigation: Until updated packages are released for Fedora and EPEL, consider temporarily swapping to an alternative web browser such as Firefox or severely restricting activity to sites you know well and trust.
Package: chromium-browser (Red Hat Enterprise Linux 6) - Out of support scope
Debian
CVE-2024-4671: chromium - Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a rem...
vendor_debian·2024·CVSS 9.6
CVE-2024-4671 [CRITICAL] CVE-2024-4671: chromium - Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a rem...
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 124.0.6367.201-1~deb12u1)
bullseye: open
forky: resolved (fixed in 124.0.6367.201-1)
sid: resolved (fixed in 124.0.6367.201-1)
trixie: resolved (fixed in 124.0.6367.201-1)
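Suricata (the three rules below are indexed under CVE-2014-4671, the Adobe Flash Player Rosetta Flash issue, not CVE-2024-4671)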
ET WEB_CLIENT Adobe Flash Player Rosetta Flash compressed CWS
suricata·2014-07-09
CVE-2014-4671 ET WEB_CLIENT Adobe Flash Player Rosetta Flash compressed CWS
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Adobe Flash Player Rosetta Flash compressed CWS"; flow:established,to_client; file.data; content:"callback=CWS"; nocase; fast_pattern; content:")).)+?data\s*?\=\s*?[\x22\x27][^\x22\x27]*[?&]callback=CWS[a-zA-Z0-9_\.\x0d\x0a]{50,}+[&\x22\x27]/Rsi"; reference:url,miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/; reference:cve,2014-4671; classtype:attempted-user; sid:2018656; rev:5; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2014_07_09, cve CVE_2014_4671, deployment Perimeter, signature_severity Major, tag Web_Client_Attacks, updated_at 2024_04_07;)
Suricata
ET WEB_CLIENT Adobe Flash Player Rosetta Flash compressed FWS
suricata·2014-07-09
CVE-2014-4671 ET WEB_CLIENT Adobe Flash Player Rosetta Flash compressed FWS
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Adobe Flash Player Rosetta Flash compressed FWS"; flow:established,to_client; file.data; content:"callback=FWS"; nocase; fast_pattern; content:")).)+?data\s*?\=\s*?[\x22\x27][^\x22\x27]*[?&]callback=FWS[a-zA-Z0-9_\.\x0d\x0a]{50,}+[&\x22\x27]/Rsi"; reference:url,miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/; reference:cve,2014-4671; classtype:attempted-user; sid:2018657; rev:5; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2014_07_09, cve CVE_2014_4671, deployment Perimeter, signature_severity Major, tag Web_Client_Attacks, updated_at 2024_04_07;)
Suricata
ET WEB_CLIENT Adobe Flash Player Rosetta Flash compressed ZWS
suricata·2014-07-09
CVE-2014-4671 ET WEB_CLIENT Adobe Flash Player Rosetta Flash compressed ZWS
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Adobe Flash Player Rosetta Flash compressed ZWS"; flow:established,to_client; file.data; content:"callback=ZWS"; nocase; fast_pattern; content:")).)+?data\s*?\=\s*?[\x22\x27][^\x22\x27]*[?&]callback=ZWS[a-zA-Z0-9_\.\x0d\x0a]{50,}+[&\x22\x27]/Rsi"; reference:url,miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/; reference:cve,2014-4671; classtype:attempted-user; sid:2018658; rev:5; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2014_07_09, cve CVE_2014_4671, deployment Perimeter, signature_severity Major, tag Web_Client_Attacks, updated_at 2024_04_07;)
No public exploits indexed.
Tenable
Cybersecurity Snapshot: Schools Suffer Heavy Downtime Losses Due To Ransomware, as Banks Grapple with AI Challenges
blogs_tenable·2024-08-30
Google Tag
State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
blogs_google_tag·2024-08-29
Threat Analysis Group
## State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
Aug 29, 2024
Today, we’re sharing that Google’s Threat Analysis Group (TAG) observed multiple in-the-wild exploit campaigns, between November 2023 and July 2024, delivered from a watering hole attack on Mongolian government websites. The campaigns first delivered an iOS WebKit exploit affecting iOS versions older than 16.6.1 and then later, a Chrome exploit chain against Android users running versions from m121 to m123. These campaigns delivered n-day exploits for which patches were available, but would still be effective against unpatched devices. We assess with moderate confidence the campaigns are linked to the Russian government-backed actor APT29. In each iteration o
Bleepingcomputer
Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors
blogs_bleepingcomputer·2024-08-29·CVSS 6.1
[MEDIUM] Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors
## Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors
## Bill Toulas
A watering hole is a cyberattack where a legitimate site is compromised with malicious code designed to deliver payloads to visitors that meet specific criteria, like device architecture or location (IP-based).
Interestingly, TAG notes that APT29 used exploits that were almost identical to those used by commercial surveillance-ware vendors like NSO Group and Intellexa, who created and leveraged the flaws as zero days when no fix was available.
## Timeline of attacks
Google's threat analysts note that APT29 has a long history of exploiting zero-day and n-day vulnerabilities.
In 2021, the Russian cyber-operatives exploited CVE-2021-1879 as a zero-day, targeting government officials in Eastern Eu
Bleepingcomputer
Google tags a tenth Chrome zero-day as exploited this year
blogs_bleepingcomputer·2024-08-26·CVSS 8.8
CVE-2024-7971 [HIGH] Google tags a tenth Chrome zero-day as exploited this year
## Google tags a tenth Chrome zero-day as exploited this year
## Sergiu Gatlan
This was announced in an update to a blog post where the company revealed last week that it had fixed another high-severity zero-day vulnerability (CVE-2024-7971) caused by a V8 type confusion weakness.
"Updated on 26 August 2024 to reflect the in the wild exploitation of CVE-2024-7965 which was reported after this release," the company said in today's update. "Google is aware that exploits for CVE-2024-7971 and CVE-2024-7965 exist in the wild."
Google has fixed both zero-days in Chrome version 128.0.6613.84/.85 for Windows/macOS systems and version 128.0.6613.84 Linux users, which have been rolling out to all users in the Stable Desktop channel since Wednesday.
Even though Chrome will automatically update
Bleepingcomputer
Google fixes ninth Chrome zero-day tagged as exploited this year
blogs_bleepingcomputer·2024-08-21·CVSS 8.8
CVE-2024-7971 [HIGH] Google fixes ninth Chrome zero-day tagged as exploited this year
## Google fixes ninth Chrome zero-day tagged as exploited this year
## Sergiu Gatlan
Today, Google released a new Chrome emergency security update to patch a zero-day vulnerability tagged as exploited in attacks.
"Google is aware that an exploit for CVE-2024-7971 exists in the wild," the company said in an advisory published on Wednesday.
This high-severity zero-day vulnerability is caused by a type confusion weakness in Chrome's V8 JavaScript engine. Security researchers with the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) reported it on Monday.
Although such security flaws can commonly enable attackers to trigger browser crashes after data allocated into memory is interpreted as a different type, they can also exploit them for arbitra
Bleepingcomputer
Google fixes eighth actively exploited Chrome zero-day this year
blogs_bleepingcomputer·2024-05-24·CVSS 8.8
[HIGH] Google fixes eighth actively exploited Chrome zero-day this year
## Google fixes eighth actively exploited Chrome zero-day this year
## Bill Toulas
A "type confusion" vulnerability occurs when a program allocates a piece of memory to hold a certain type of data but mistakenly interprets the data as a different type. This can lead to crashes, data corruption, as well as arbitrary code execution.
Google has not shared technical details about the flaw to protect users from potential exploitation attempts from other threat actors and allow them to install a browser version that addresses the problem.
"Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed," said the t
Bleepingcomputer
Google fixes third actively exploited Chrome zero-day in a week
blogs_bleepingcomputer·2024-05-15·CVSS 8.8
CVE-2024-4671 [HIGH] Google fixes third actively exploited Chrome zero-day in a week
## Google fixes third actively exploited Chrome zero-day in a week
## Sergiu Gatlan
Although such flaws generally enable threat actors to trigger browser crashes by reading or writing memory out of buffer bounds, they can also exploit them for arbitrary code execution on targeted devices.
The other two actively exploited Chrome zero-days patched this week are CVE-2024-4671 (a use-after-free flaw in the Visuals component) and CVE-2024-4761 (an out-of-bounds write bug in the V8 JavaScript engine).
Microsoft also said it's "aware of the recent exploits existing in the wild" targeting CVE-2024-4947 and that its engineers are "actively working on releasing a security fix" for the Chromium-based Edge web browser.
## Fix rolling out to Stable channel users
The company fixed the zero-day fla
Schneier
Another Chrome Vulnerability
blogs_schneier·2024-05-14·CVSS 9.6
CVE-2024-4671 [CRITICAL] Another Chrome Vulnerability
## Another Chrome Vulnerability
Google has patched another Chrome zero-day:
On Thursday, Google said an anonymous source notified it of the vulnerability. The vulnerability carries a severity rating of 8.8 out of 10. In response, Google said, it would be releasing versions 124.0.6367.201/.202 for macOS and Windows and 124.0.6367.201 for Linux in subsequent days.
“Google is aware that an exploit for CVE-2024-4671 exists in the wild,” the company said.
Google didn’t provide any other details about the exploit, such as what platforms were targeted, who was behind the exploit, or what they were using it for.
Posted on May 14, 2024 at 7:01 AM • 15 Comments
Bleepingcomputer
Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws
blogs_bleepingcomputer·2024-05-14·CVSS 8.8
[HIGH] Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws
## Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws
## Lawrence Abrams
- 17 Elevation of Privilege Vulnerabilities
- 2 Security Feature Bypass Vulnerabilities
- 27 Remote Code Execution Vulnerabilities
- 7 Information Disclosure Vulnerabilities
- 3 Denial of Service Vulnerabilities
- 4 Spoofing Vulnerabilities
The total count of 61 flaws does not include 2 Microsoft Edge flaws fixed on May 2nd and four fixed on May 10th.
To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5037771 cumulative update and the Windows 10 KB5037768 update.
## Three zero-days fixed
This month's Patch Tuesday fixes two actively exploited and one publicly disclosed zero-day vulnerabilities.
Microsoft classifies a zero-day as a flaw
Bleepingcomputer
Google Chrome emergency update fixes 6th zero-day exploited in 2024
blogs_bleepingcomputer·2024-05-14·CVSS 8.8
CVE-2024-4761 [HIGH] Google Chrome emergency update fixes 6th zero-day exploited in 2024
## Google Chrome emergency update fixes 6th zero-day exploited in 2024
## Bill Toulas
Out-of-bounds write issues occur when a program is allowed to write data outside the specified array or buffer, potentially leading to unauthorized data access, arbitrary code execution, or program crashes.
“Google is aware that an exploit for CVE-2024-4761 exists in the wild,” reads the advisory.
The company fixed the security flaw with the release of 124.0.6367.207/.208 for Mac/Windows and 124.0.6367.207 for Linux. The updates will roll out to all users over the coming days/weeks.
For users of the ‘Extended Stable’ channel, fixes will be made available in version 124.0.6367.207 for Mac and Windows.
Chrome updates automatically when a security update is available, but users can confirm they’re run
Checkpoint
13th May – Threat Intelligence Report
blogs_checkpoint·2024-05-13
CVE-2024-4671 13th May – Threat Intelligence Report
## 13th May – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 13th May, please download our Threat_Intelligence Bulletin.
TOP ATTACKS AND BREACHES
Shared Services Connected Ltd, a payroll contractor for the UK Ministry of Defense has been breached, presumably by China. Around 270k records that include names and bank details of both current and past armed forces members were exposed.
US major healthcare operator Ascension, which operates 140 hospitals in 19 states, has disc
Qualys
Get Weekends Back: Put Chrome CVEs like CVE-2024-5274 on Auto-Patching | Qualys
blogs_qualys·2024-05-11·CVSS 9.6
CVE-2024-4671 [CRITICAL] Get Weekends Back: Put Chrome CVEs like CVE-2024-5274 on Auto-Patching | Qualys
#### Table of Contents
- Using Qualys and Zero-Touch Patching to Mitigate Risks
- Leveraging Qualys for Enhanced Security
- Google Chrome Zero-Day Update CVE-2024-4947 May 15, 2024
- Google Chrome Zero-Day Update CVE-2024-5274 May 24, 2024
On May 9th, Google released an emergency update for its Chrome browser to patch a critical zero-day vulnerability, CVE-2024-4671. The “use after free” vulnerability affects the Visuals component of Chrome, which is responsible for rendering and displaying content. CVE-2024-4671 was identified and reported to Google by an anonymous researcher. The company has disclosed that this vulnerability is likely being actively exploited. This vulnerability exploits a flaw in which a program continues to use a memory pointer after it has been freed, potentially le
Bleepingcomputer
Google fixes fifth Chrome zero-day exploited in attacks this year
blogs_bleepingcomputer·2024-05-10·CVSS 8.8
CVE-2024-4671 [HIGH] Google fixes fifth Chrome zero-day exploited in attacks this year
## Google fixes fifth Chrome zero-day exploited in attacks this year
## Bill Toulas
“Google is aware that an exploit for CVE-2024-4671 exists in the wild,” reads the advisory, without providing additional information.
Use-after-free flaws are security flaws that occur when a program continues to use a pointer after the memory it points to has been freed, following the completion of its legitimate operations on that region.
Because the freed memory could now contain different data or be used by other software or components, accessing it could result in data leakage, code execution, or crash.
Google addressed the problem with the release of 124.0.6367.201/.202 for Mac/Windows and 124.0.6367.201 for Linux, with the updates rolling out over the coming days/weeks.
For users of the ‘Exten
- https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html
- https://issues.chromium.org/issues/339266700
- https://lists.fedoraproject.org/archives/list/[email protected]/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4671
Published: 2024-05-14
Added to CISA KEV: 2024-05-13
Exploited in the wild