Google Chrome Update Fixes Flaw Exploited in the Wild

New Chrome release set to roll out over the next few days addresses 38 security issues in the browser.

Dark Reading Staff, Dark Reading

August 22, 2024

1 Min Read
A closeup of the Google Chrome application in the dock of a computer screen
Source: imageBROKER.com GmbH & Co. KG via Alamy Stock Photo

New security fixes are being rolled out to address a high-severity vulnerability found in Google's Chrome browser.

The flaw, tracked as CVE-2024-7971, is a type confusion bug located in the V8 JavaScript and WebAssembly engine. Google reported that an exploit for the vulnerability exists in the wild.

According to the NIST National Vulnerability Database (NVD), "type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page."

Chrome's updated version 128 will roll out in the next few days and weeks, with fixes for 38 vulnerabilities, including CVE-2024-7971. Google credited the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) with reporting the type confusion flaw just a few days ago. 

About the Author

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

Icon with shield and keyhole, over a digital background
Application Security
Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDsUnfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs
byJai Vijayan, Contributing Writer
Aug 15, 2024
4 Min Read
SolarWinds logo on a phone held up horizontally; background is blurred out
Vulnerabilities & Threats
SolarWinds: Critical RCE Bug Requires Urgent PatchSolarWinds: Critical RCE Bug Requires Urgent Patch
byDark Reading Staff
Aug 15, 2024
1 Min Read
AI code with 0s and 1s
Application Security
DARPA Aims to Ditch C Code, Move to RustDARPA Aims to Ditch C Code, Move to Rust
byRobert Lemos, Contributing Writer
Aug 13, 2024
5 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events