Skip to main content

Google Chrome Multiple Vulnerabilities

Last Update Date: 28 Aug 2024 Release Date: 22 Aug 2024 6771 Views

RISK: Extremely High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, security restriction bypass and sensitive information disclosure on the targeted system.

 

Notes:

CVE-2024-7971 is being exploited in the wild. The vulnerability is caused by a type confusion weakness in the Chrome V8 JavaScript engine and can lead to remote code execution on targeted device.

 

CVE-2024-7965 is being exploited in the wild. The vulnerability allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 

[Updated on 2024-08-28] 

Updated Description.


Impact

  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Google Chrome prior to 128.0.6613.84 (Linux)
  • Google Chrome prior to 128.0.6613.84/.85 (Mac)
  • Google Chrome prior to 128.0.6613.84/.85 (Windows)

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to version 128.0.6613.84 (Linux) or later
  • Update to version 128.0.6613.84/.85 (Mac) or later
  • Update to version 128.0.6613.84/.85 (Windows) or later

Vulnerability Identifier


Source


Related Link