Google has released an urgent security update for its Chrome web browser on Windows, Linux, Mac, and Android platforms. This update specifically targets a zero-day vulnerability, identified as CVE-2024-0519.

Security Risks

The successful exploitation of the CVE-2024-0519 vulnerability in Google Chrome versions preceding 120.0.6099.224 poses a significant security risk, allowing remote attackers to corrupt memory through a carefully crafted HTML page. This high-severity vulnerability is rooted in out-of-bounds memory access in V8.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends users and system administrators to:

1. Upgrade, as soon as possible, to the latest supported version of installed software in order to continue receiving technical support and security patches.

The released software versions to upgrade to are:

• Chrome 120.0.6099.224/225 for Windows.

• Chrome 120.0.6099.234 for Mac.

• Chrome 120.0.6099.224 for Linux.

• Chrome Stable 121 (121.0.6167.66) for iOS.

• Chrome 120 (120.0.6099.230) for Android.

2. Before performing any update tasks, ensure that you have a backup of your data.

For further information and support, please contact the National Cyber Security Authority (NCSA) by emailto rwcsirt@ncsa.gov.rw or call us on 9009

References

Chrome Releases

nvd.nist.gov/vuln/detail/CVE-2024-0519