Google has patched yet another Chrome zero-day bug — update your browser right now
Use after-free flaw can lead to data leaks, code execution and even crashes
Google has released a new security update to fix a recently discovered zero-day bug in its Chrome browser.
As reported by BleepingComputer, this is the fifth such vulnerability that has been exploited by hackers before being patched by the search giant since the beginning of this year. This new high-severity flaw (tracked as CVE-2024-4671) is a use-after-free vulnerability in the Visuals component of Chrome which handles rendering and displaying content in Google’s browser.
In an advisory, the company explained that the vulnerability, which was discovered and reported by an anonymous researcher, has been exploited in attacks in the wild. However, Google didn’t provide any additional information, likely to give Chrome users extra time to patch their browsers.
Use-after-free flaws can be particularly dangerous as they can lead to data leaks, code execution or crashes. Fortunately, Google patched this zero-day with Chrome version 124.0.6367.201/.202 for Mac and Windows which should be available to download and install at the time of writing.
How to stay safe from browser-based attacks
Since so much of our work and daily lives now take place within our browsers, it’s extremely important to keep Chrome up to date.
Google uses a color-coded warning system to let you know that a new update is available for its browser. If you look at your profile picture, a bubble will appear next to it when there’s an update and it will be green for a 2-day old update, orange for a 4-day old update and red when an update was released at least a week ago.
If you don’t want to wait, you can also manually check to see if an update for Chrome is available by clicking on the three-dot menu in the upper right hand corner of your browser. From there, you need to open Settings and then go to About Chrome. If an update is ready to be installed, Chrome will automatically begin downloading it and it will be applied the next time you restart your browser.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
Just like with the best phones, keeping your browser up to date and running the latest software is the easiest way to avoid falling victim to cyberattacks. This is because cybercriminals love to prey on users that haven’t updated their browser yet.
Besides keeping Chrome regularly updated, you should also consider using the best antivirus software on your PC, the best Mac antivirus software on your Mac and one of the best Android antivirus apps on your Android smartphone. This way, no matter what threats you come across online, your devices and your data will be protected.
Google may patch a lot of zero-days in Chrome and its other products each year but by doing so, the company is doing its part to keep its users safe from hackers. However, it’s still up to you to install these updates in a timely manner.
More from Tom's Guide
- 3 Google Chrome features to activate now if you want to stay safe online
- This Android malware is stealing passwords by impersonating popular apps
- Google will soon hide your IP address in Chrome to protect your privacy
Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.