Today’s Current Affairs: Google Patches Zero-Day Vulnerability in Chrome Browser
Google has recently addressed a critical zero-day vulnerability in its Chrome browser, marking the third such issue patched within a week. The vulnerability, identified as CVE-2024-4947, was reported by Kaspersky researchers and could potentially allow threat actors to execute arbitrary code. Users are urged to update their Chrome browser to the latest version to safeguard against potential threats. Additionally, users of other Chromium-based browsers are advised to apply the necessary fixes as they become available.
Question 1: What is the CVE identifier assigned to the zero-day vulnerability in Google Chrome?
- a) CVE-2024-4671
- b) CVE-2024-4761
- c) CVE-2024-4947
- d) CVE-2024-5032
Answer: c) CVE-2024-4947
Question 2: How many zero-day vulnerabilities have been resolved by Google in Chrome since the start of the year?
- a) Three
- b) Five
- c) Seven
- d) Nine
Answer: c) Seven
When was the zero-day vulnerability in Google Chrome reported?
The zero-day vulnerability in Google Chrome, assigned the CVE identifier CVE-2024-4947, was reported on May 13, 2024 by Kaspersky researchers Vasily Berdnikov and Boris Larin.
What is the nature of the vulnerability (CVE-2024-4947) in Chrome?
The vulnerability, CVE-2024-4947, relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. Type confusion vulnerabilities occur when a program attempts to access a resource with an incompatible type, allowing threat actors to perform out-of-bounds memory access, cause a crash, and execute arbitrary code.
How many zero-days has Google patched in Chrome since the beginning of the year?
Google has patched a total of seven zero-days in Chrome since the start of the year, with CVE-2024-4947 being the latest one. The development marks the third zero-day that Google has patched within a week.
What version of Chrome should users upgrade to in order to mitigate potential threats?
Users are recommended to upgrade to Chrome version 125.0.6422.60/.61 for Windows and macOS, and version 125.0.6422.60 for Linux to mitigate potential threats. Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.
Today's Current Affairs brings news of Google releasing fixes for nine security issues in its Chrome browser, including a zero-day vulnerability that has been actively exploited. The vulnerability, known as CVE-2024-4947, is related to a type confusion bug in the V8 JavaScript and WebAssembly engine. This type of vulnerability can lead to serious consequences as it allows attackers to access memory out of bounds and execute arbitrary code. Google has urged users to update their Chrome browser to version 125.0.6422.60/.61 for Windows and macOS, and version 125.0.6422.60 for Linux to protect against potential threats. Users of other Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes once they are available. This marks the third zero-day vulnerability patched by Google in a week, highlighting the ongoing challenges in browser security.
