Google Releases Chrome v124.0.6367.201/.202 Emergency Update to Fix High-Risk Security Vulnerability

Google has rolled out an emergency update to Chrome v124.0.6367.201/.202 to fix the CVE-2024-4671 vulnerability, which is the fifth exploited security vulnerability fixed by Chrome in 2024, falling under the category of zero-day vulnerabilities.

For security reasons, Google typically doesn't disclose the full details of the vulnerability immediately after a new version is released, to prevent more hackers from exploiting the vulnerability and launching attacks. Instead, Google waits until most users have updated to the unaffected version before gradually revealing the vulnerability details to researchers and the public.

The fixed vulnerability, CVE-2024-4671, is located in the visual component and belongs to the Use-after-free class of security vulnerabilities. It was reported to Google by an anonymous security researcher on May 8.

The reason for the rapid release of the update is that Google has become aware that hackers are already exploiting this vulnerability in the wild, so Google immediately started working on a fix and released a new version after receiving the report.

It's worth noting that this vulnerability affects not only Chrome but also other browsers based on the Chromium kernel, including but not limited to Microsoft Edge, Vivaldi, Opera, and Brave. Therefore, users of these browsers should also pay attention to updates from their developers and install them as soon as possible to avoid being affected by the vulnerability.

The Blue Point network file download server has already stored the offline installation package of the new version, and users in need can download it: [May 10, 2024] Chrome v124.0.6367.202 Official Offline Installation Package Download

Note: Version 124.0.6367.202 is suitable for Windows and Mac, while version 124.0.6367.201 is suitable for Linux systems.