The ninth Chrome zero-day vulnerability for 2024 has been addressed by Google, according to SC Media.
The bug, tracked as CVE-2024-7971, was actively exploited, says the company, and was discovered by the Microsoft Security Response Center and the Microsoft Threat Intelligence Center. The issue involves a type of confusion in Chrome’s V8 JavaScript engine, wherein resources are accessed incorrectly or are misallocated, potentially leading to security breaches or errors.
Approov CEO Ted Miracco raised concerns about the vulnerabilities in platforms such as Chrome due to its extensive user base, noting its potential widespread impact. SlashNext’s Field Chief Technology Officer Stephen Kowski noted that the rise in security attacks and urgent fixes to Chrome made by Google highlights the need for tech companies to boost defenses with prevention systems and systems for real-time attack detection as hackers continue to attack weak points.
“Security teams can blunt the impact of such vulnerabilities by staying ahead of the curve and taking decisive action,” said Kowski.