Google released a critical security update for its Chrome web browser to address attackers exploiting a high-severity vulnerability. The update brings Chrome to version 124.0.6367.201 for Windows, Mac, and Linux users on the Stable release channel.
The vulnerability, tracked as CVE-2024-4671, is a “use after free” flaw in the browser’s Visuals component that could allow an attacker to execute arbitrary code on a victim’s system.
Successful exploitation would give the attacker the same privileges as the logged-in user, potentially enabling them to install malware, steal data, or create new user accounts with full access.
What You Should Do:
Make sure you have the latest version of Chrome installed (124.0.6367.201/.202 for Windows and macOS, and version 124.0.6367.201 for Linux). To do this:
- Open Google Chrome
- Click on the three dots in the upper right corner of the screen
- Click on Help (near bottom of Menu)
- Click on About Google Chrome
- Check the version of Google Chrome and Install/Relaunch, if necessary
If you have questions or need assistance, contact a member of the BMT team.