Stay safe online, update Chrome now – US Cyber Agency

May 22, 2024
TLDR:

  • Hackers have exploited critical security flaws in Google Chrome versions prior to 124.0.6367.207
  • Google has released version 125 to address these vulnerabilities and other high-risk fixes

Google Chrome users must ensure their browser is updated to version 125 as soon as possible to protect against these security vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-risk Chrome vulnerabilities to its Known Exploited Vulnerabilities Catalog and has urged federal agencies to update their browsers promptly. The vulnerabilities, tracked as CVE-2024-4761 and CVE-2024-4671, could allow remote attackers to perform out-of-bounds memory writes and potential sandbox escapes. CISA has set resolution deadlines for these vulnerabilities, emphasizing the importance of timely remediation to reduce exposure to cyberattacks.

Google announced two additional high-risk vulnerabilities, CVE-2024-4947 and CVE-2024-4948, with at least one being actively exploited. These vulnerabilities could allow remote attackers to execute arbitrary code in a sandboxed environment via crafted HTML pages. The latest Chrome versions, 125.0.6422.60/.61 on Windows and Mac, and 125.0.6422.60 on Linux, address these vulnerabilities. Users can update Chrome by going to Settings and selecting About Chrome.
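For administrators checking more than one machine, the following added example (not part of the original article) audits a list of reported Chrome versions against the builds named above. The inventory format, host names and function names are assumptions made for illustration; the version thresholds and CVE groupings are taken from this article's text.

```python
import re

# Fixed builds and CVE groupings as stated in the article (not vendor data).
FIXED = [
    ((124, 0, 6367, 207), ["CVE-2024-4761", "CVE-2024-4671"]),
    ((125, 0, 6422, 60), ["CVE-2024-4947", "CVE-2024-4948"]),
]
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")

def parse_version(text):
    """Extract a four-part version from text such as `google-chrome --version` output."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None

def exposed_cves(version):
    """Return the article's CVEs whose fixed build is newer than `version`.

    Tuples compare numerically per component; comparing the raw strings
    would wrongly rank 124.0.6367.99 above 124.0.6367.207.
    """
    cves = []
    for fixed, ids in FIXED:
        if version < fixed:
            cves.extend(ids)
    return cves

def audit(inventory_lines):
    """Map host -> (version, exposed CVEs); unparseable versions are flagged, not skipped."""
    report = {}
    for line in inventory_lines:
        host, _, raw = line.partition(",")
        version = parse_version(raw)
        if version is None:
            report[host.strip()] = ("unknown", ["UNPARSEABLE"])
        else:
            report[host.strip()] = (".".join(map(str, version)), exposed_cves(version))
    return report

# Constructed sample inventory ("host,version output"); hypothetical hosts, not real data.
SAMPLE = [
    "ws-01,Google Chrome 124.0.6367.99",
    "ws-02,Google Chrome 124.0.6367.207",
    "mac-03,Google Chrome 125.0.6422.61",
    "lnx-04,Google Chrome 125.0.6422.60",
    "ws-05,Chromium (version not reported)",
]

if __name__ == "__main__":
    for host, (ver, cves) in audit(SAMPLE).items():
        print(f"{host:8} {ver:18} {'OK' if not cves else 'UPDATE: ' + ', '.join(cves)}")
```

Hosts whose version cannot be parsed are reported rather than silently treated as patched, since an unknown build cannot be assumed safe.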

This urgent update reinforces the importance of cybersecurity hygiene and timely response to patch vulnerabilities to protect against potential cyber threats. Failure to update Chrome to the latest version could leave users vulnerable to exploitation by malicious actors.
