CVE-2024-3159

Google patches third exploited Chrome zero-day in a week By Sergiu Gatlan May 15, 2024 06:36 PM 0 ​Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. "Google is aware that an exploit for CVE-2024-4947 exists in the wild," the search giant said in a security advisory published on Wednesday. The company fixed the zero-day flaw with the release of 125.0.6422.60/.61 for Mac/Windows and 125.0.6422.60 (Linux). Th...

Google Chrome emergency update fixes 6th zero-day exploited in 2024 By Bill Toulas May 14, 2024 04:10 AM 0 Google has released emergency security updates for the Chrome browser to address a high-severity zero-day vulnerability tagged as exploited in attacks. This fix comes only three days after Google addressed another zero-day vulnerability in Chrome, CVE-2024-4671, caused by a use-after-free weakness in the Visuals component. The latest bug is tracked as CVE-2024-4761. It is an out-of-bounds w...

Google fixes fifth Chrome zero-day exploited in attacks this year By Bill Toulas May 10, 2024 04:08 AM 0 ​Google has released a security update for the Chrome browser to fix the fifth zero-day vulnerability exploited in the wild since the start of the year. The high-severity issue tracked as CVE-2024-4671 is a “user after free” vulnerability in the Visuals component that handles the rendering and display of content on the browser. CVE-2024-4671 was discovered and reported to Google by an a...

Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs By Lawrence Abrams April 9, 2024 01:34 PM 0 .crit { font-weight:bold; color:red; } .article_section td { font-size: 14px!important; } Today is Microsoft's April 2024 Patch Tuesday, which includes security updates for 150 flaws and sixty-seven remote code execution bugs. Only three critical vulnerabilities were fixed as part of today's Patch Tuesday, but there are over sixty-seven remote code execution bugs. More than half of th...

Google fixes one more Chrome zero-day exploited at Pwn2Own By Sergiu Gatlan April 3, 2024 12:39 PM 0 Google has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month. Tracked as CVE-2024-3159, this high-severity security flaw is caused by an out-of-bounds read weakness in the Chrome V8 JavaScript engine. Remote attackers can exploit the vulnerability using crafted HTML pages to gain access to data bey...