Google is currently patching its Chrome browser to fix a high-severity security vulnerability. Google claims that there has been active exploitation of this vulnerability in the wild. The vulnerability, identified as CVE-2024-7971, pertains to a confusion bug present in the WebAssembly and JavaScript V8 engine as quoted in a report by The Hacker News.
In a blog post, Google confirmed the vulnerability, stating that it is aware that an exploit for CVE-2024-7971 exists in the wild, A remote attacker was able to exploit heap corruption via a crafted HTML page due to this confusion bug, according to the National Vulnerability Database. For those who do not know, heap corruption is the term for memory exploits. BlackBerry says they can be harmless in certain situations, but they can also result in a fatal memory fault where the system won't let related processes run.
Also Read: Was timing of Jennifer Lopez's divorce filing a masterstroke? Here's what attorney says
The Google blog attributes the discovery and reporting of the vulnerability on August 19 to the Microsoft Threat Intelligence Center and the Microsoft Security Response Center. As of this writing, Google has not disclosed any information regarding the type of attacks that took advantage of the vulnerability or the potential users of the weapon. This is the third kind of confusion page that Google has patched this year, according to Hacker News.
Users must update to Chrome version 128.0.6613.84/.85 for Windows and macOS in order to apply Google's fix. Users