CVE-2024-4947- Google Chrome Zero-Day Under Attack: Urgent Patch Released
Google has released an urgent patch for a zero-day vulnerability in Chrome, identified as CVE-2024-4947, which is being actively exploited by attackers. The flaw exists in the V8 JavaScript and WebAssembly engine and allows for arbitrary code execution when a user visits a malicious web page. Discovered by Kaspersky researchers Vasily Berdnikov and Boris Larin, the vulnerability is of high severity. Google has also addressed additional security issues with the latest Chrome update, including CVE-2024-4948, a use-after-free issue in Dawn; CVE-2024-4949, a use-after-free vulnerability in the V8 engine; and CVE-2024-4950, related to an inappropriate implementation in Chrome's Downloads feature. The updated versions of Chrome are 125.0.6422.60 for Linux and 125.0.6422.60/.61 for Windows and Mac. Users are advised to update their browsers immediately to safeguard against these threats. CVEs: CVE-2024-4947, CVE-2024-4761, CVE-2024-4671 [View Article](https://meterpreter.org/cve-2024-4947-google-chrome-zero-day-under-attack-urgent-patch-released/)