Google fixes actively exploited Chrome zero-day (CVE-2024-0519)
In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including one zero-day (CVE-2024-0519) with an existing exploit.
The vulnerability has been flagged by an anonymous researcher.
“Google is aware of reports that an exploit for CVE-2024-0519 exists in the wild,” the Chrome team says.
Chrome users that have set Chrome to update automatically don’t need to take action, but those who update it manually should do it as soon as possible. (With zero-days in Chrome getting regularly exploited, opting for automatic updates is not a bad idea.)
Fixes in other Chromium-based browsers
Since Microsoft Edge is based on Chromium, Microsoft has announced they are working on releasing a security patch.
“It’s worth highlighting that Microsoft Edge’s enhanced security mode feature mitigates this vulnerability. You can opt-in into this security feature and have peace of mind that Microsoft Edge is protecting you against this exploit,” they added.
Other popular Chromium-based browsers such as Brave, Opera, and Vivaldi will likely include those fixes soon.