New security fixes are being rolled out to address a high-severity vulnerability found in Google’s Chrome browser.
The flaw, tracked as CVE-2024-7971, is a type confusion bug located in the V8 JavaScript and WebAssembly engine. Google reported that an exploit for the vulnerability exists in the wild.
According to the NIST National Vulnerability Database (NVD), “type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page.”
Chrome’s updated version 128 will roll out in the next few days and weeks, with fixes for 38 vulnerabilities, including CVE-2024-7971. Google credited the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) with reporting the type confusion flaw just a few days ago.
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt0ea22157fd208731/66c77d66edd82821f7942bfe/chrome1800_imageBROKER.com_GmbH_&_Co._KG_alamy.jpg?disable=upscale&width=1200&height=630&fit=crop
