![Update your Chrome browser ASAP. Google has confirmed a zero-day exploited in the wild Update your Chrome browser ASAP. Google has confirmed a zero-day exploited in the wild](https://www.zdnet.com/a/img/resize/f2b59ba75a7efe7f2e4ce082a209b71b99c5eb97/2024/04/09/0bc130d2-0009-428c-91aa-1de1d5e5be32/chromesandboxhero.jpg?auto=webp&width=1280)
Google has released a critical security update for the Chrome web browser. The zero-day flaw, CVE-2024-4671, is a “use-after-free” vulnerability in Chrome’s Visuals component.
You might be asking, “what is Chrome’s Visuals component?” In short, it’s the part responsible for rendering and displaying content in the browser. Everyone uses a browser to open content, so everyone’s vulnerable.
Specifically, the vulnerability enables an attacker to exploit out-of-bounds memory access. In English, that means if you go to a website with a malicious webpage, it can foul up your computer. It doesn’t matter if your machine’s running Linux, macOS, or Windows. This security hole is an equal-opportunity troublemaker.
Also: 5 ways to declutter your Chrome browser – and take back control of your tab life
Discovered by an anonymous researcher and reported directly to Google, CVE-2024-4671 has a Common Vulnerability Scoring System (CVSS) rating of 8.8, which means it’s a serious vulnerability.
It could be worse — ratings above 9.0 are critical, aka Fix It Right Now — but this is bad enough. An attacker can use this flaw to read data from your computer, cause crashes, and even take over a PC. In short, it’s bad news.
What really makes this one a stinker is that it’s being exploited now. The advisory notes that Google is aware that an exploit for CVE-2024-4671 exists in the wild.
To ensure you’re protected, verify that you have the latest version of Chrome by navigating to Settings > About Chrome. The up-to-date protected versions are 124.0.6367.201/.202 for Mac and Windows and 124.0.6367.201 for Linux. Users in the Extended Stable channel will receive version 124.0.6367.201 for Mac and Windows in the coming days.
I wouldn’t wait. To stay safe, update Chrome immediately.