News
Update Chrome: Google patches critical update (3rd this week)
Google fixed three zero-day vulnerabilities in Chrome in a week. One of them is actively being exploited for those who havne’t updated.
Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.
Google has been having quite a week because it just patched its third zero-day vulnerability in Chrome within seven days. The latest culprit? CVE-2024-4947.
If you think that sounds technical, you’re right, but stick with me. This affects almost everyone using the internet, so it’s worth unpacking
TL;DR Version: CVE-2024-4947 is a zero-day vulnerability in Chrome that’s being actively exploited. This makes it the third vulnerability that has been fixed in Chrome within the past week.
In layman’s terms, zero-day means the folks exploiting it found the vulnerability before Google could patch it. Yikes.
The Official Statement from Google
Google dropped this bombshell in its official blog: “The Stable channel has been updated to 117.0.5938.132 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.”
Yup, they’re basically saying update your browser ASAP to avoid falling prey to these exploits because they are, in fact, being used on the greater public right now.
The Chain of Events
The first zero-day, CVE-2024-4868, was also raised a ruckus earlier in the week followed closely by CVE-2024-4946. And now, CVE-2024-4947 completes this hat-trick of headaches for Google’s security team.
Dive Deeper: What is CVE-2024-4947? According to Bleeping Computer, this Zero-day revolves around an exploit discovered in Chrome’s Rendering Engine, which is a pretty key part of the browser.
This exploit has been used actively in the wild, meaning bad actors have been taking advantage of it while the rest of us were blissfully unaware.
Why Should You Care?
These vulnerabilities can be used for everything from stealing personal information to deploying ransomware. Not updating your browser is akin to locking your front door but leaving the window open.
Protecting Yourself: To update to Chrome, go to your Chrome settings and update to version 117.0.5938.132.
Bonus points: Enable Automatic Updates – make sure your browser and OS are set to update automatically.
Sure, Google might have fixed CVE-2024-4947, but it really makes you think, doesn’t it? Cyber threats are getting smarter and more complex every day.
It’s a good reminder that keeping our software updated and staying sharp with our cybersecurity habits is more important than ever. Stay safe out there.
Have any thoughts on this? Drop us a line below in the comments, or carry the discussion to our Twitter or Facebook.
Editors’ Recommendations:
- Google will delete data collected from Chrome’s Incognito Mode
- The best password manager for Chrome (2024)
- Google Chrome gets three new experimental AI tools
- Massive Pixel 9 leak reveals almost every detail