Affiliate links on Android Authority may earn us a commission. Learn more.
Google just patched a zero-day Chrome exploit, update your browser asap
- A zero-day exploit was discovered in Chrome and has now been patched.
- The security vulnerability appears to be a “user after free” flaw.
- The fix is currently available for Windows, Mac, and Linux.
If you’re someone who uses Google Chrome as your browser of choice, or a Chromium-based browser, you’ll want to make sure you’re running on the latest update. Google has just released a patch that fixes a serious zero-day vulnerability.
First reported by Bleeping Computer, Google has released a note about a stable channel update for Chrome. The note in question says that the company is “aware that an exploit for CVE-2024-4671 exists in the wild.” This vulnerability is a high-severity issue that has been classified as a “user after free” vulnerability.
A user after free (UAF) exploit is a security flaw where a program continues to reference a dynamic memory location even after the memory has been freed. That freed memory could be used to store different data or be used by other software. Such an error can result in consequences like data leakage, code execution, or a crash.
This particular vulnerability (CVE-2024-4671) appears to be connected to the visuals component, which handles rendering and the display of content on the browser.
The fix is currently available for Windows, Mac, and Linux. Chrome usually installs updates with security fixes automatically. The same is true for Chromium-based browsers like Edge and Brave. But you can check to see if the patch is available by going to the three-dot menu > Settings > About Chrome. You can also get there clicking the three dot menu > Help > About Google Chrome.