Recently, after Google released a security update to fix CVE-2024-4671, another security update has been released: Chrome Version 124.0.6367.201/.202 for Mac and Windows and 124.0.6367.201 for Linux to address a zero-day vulnerability tracked as CVE-2024-5274.

Based on the official site for Chrome updates, “Google is aware that an exploit for CVE-2024-5274 exists in the wild”.

_____________________________

A. Nature of the Vulnerability

CVE-2024-5274

Type Confusion in V8. Reported by Clément Lecigne of Google’s Threat Analysis Group and Brendon Tiszka of Chrome Security on 2024-05-20.

_____________________________

B. Actions to be Taken

CERT-PH recommends the following actions be taken:

• Kindly review and apply the necessary updates to mitigate future threats.
• For additional information, kindly refer to the official report
  • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html