Google has rolled out an emergency security update for its Chrome browser, urging all users to update immediately to protect against a high-risk vulnerability that is currently being exploited in the wild.
The update addresses a zero-day security flaw—a vulnerability actively used by cybercriminals before a fix becomes available. Google has labeled this update as critical, and it’s being pushed to billions of users across Windows, macOS, and Linux platforms.
What’s the Vulnerability?
The flaw, officially tracked as CVE-2024-4671, is a “use-after-free” vulnerability found in the Visuals component of Chrome. This type of bug can allow attackers to execute arbitrary code on a victim’s device—potentially leading to data theft, system access, or malware installation.
Google confirmed that exploit code already exists in the wild, making it essential for users to update their browsers without delay.
Who’s Affected?
Anyone using Google Chrome on desktop is at risk. The vulnerability does not currently appear to affect mobile versions, but desktop users are urged to update as soon as possible.
If you haven’t updated Chrome recently, you may still be using a version with this critical flaw.
How to Protect Yourself
Here’s how you can update Chrome in seconds:
- Open Google Chrome
- Click the three-dot menu in the top-right corner
- Go to Help > About Google Chrome
- Chrome will automatically check for updates and install the latest version
- Restart your browser to apply the update
The fixed version as of this release is Chrome 124.0.6367.201/.202 for Windows and 124.0.6367.201 for macOS and Linux.
Why This Matters
Zero-day vulnerabilities are among the most dangerous cybersecurity threats, because they give attackers a head start before users and companies can react. By issuing an emergency patch, Google is acting swiftly to minimize potential damage.
