PT-2024-3338 · Google · Google Chrome
Published: 2024-05-09 · Updated: 2025-07-25 · CVE-2024-4671
CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 124.0.6367.201
Description
A use-after-free vulnerability in the Visuals component of Google Chrome allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. It can lead to information disclosure, code execution, or an application crash. The number of potentially affected devices is not specified, but the vulnerability is known to be actively exploited in the wild.
Recommendations
For Google Chrome versions prior to 124.0.6367.201, update to version 124.0.6367.201 or later to patch the vulnerability.
As a temporary workaround, consider restricting access to potentially vulnerable API endpoints or disabling the use of the Visuals component until a patch is available.
Avoid using Google Chrome until the update is applied, especially when browsing untrusted websites.
Exploit
Fix
RCE
Use After Free
Affected Products
ALT Linux
Astra Linux
Debian
Google Chrome
RED OS
SUSE