Billons of Chrome users at risk from hacker attacks — severe flaw exploited

News
By published

But a fix is on the way from Google

Padlock shadow in front of the Google Chrome logo
(Image credit: Ink Drop/Shutterstock)

Google is in the process of rolling out patches that address a high-severity security flaw in its Chrome browser. According to Google, this flaw has come under active exploitation in the wild.

The flaw (tracked as CVE-2024-7971) is a confusion bug in the V8 JavaScript and WebAssembly engine (h/t to The Hacker News). Google acknowledged the flaw in a blog post saying that the company is "aware that an exploit for CVE-2024-7971 exists in the wild."

As the time of writing, Google has not released any details about the nature of any attacks exploiting the flaw or who might have been weaponizing it. According to Hacker News, this is third type confusion page that has been patched this year by Google.

To apply Google's fix, you'll need to upgrade to Chrome version 128.0.6613.84/.85 for Windows and macOS. Linux users will need to update to version 128.0.6613.84. Again, the fix is being rolled out gradually so it might not immediately be available to all Chrome users. Make sure to check back frequently if you don't see the new version just yet.

More from Tom's Guide

Scott Younker
Scott Younker
West Coast Reporter

Scott Younker is the West Coast Reporter at Tom’s Guide. He covers all the lastest tech news. He’s been involved in tech since 2011 at various outlets and is on an ongoing hunt to build the easiest to use home media system. When not writing about the latest devices, you are more than welcome to discuss board games or disc golf with him. He also handles all the Connections coverage on Tom's Guide and has been playing the addictive NYT game since it released.