SingCERT asks to update Chrome and Edge after high-severity vulnerability was found in them

The Singapore Cyber Emergency Response Team found that hackers have been exploiting a high-severity vulnerability that affects old browser versions, including Google Chrome and Microsoft Edge.

Therefore, they have requested that users and admins update Google Chrome and other Chromium browsers to the latest version.

SingCERT, which comes under the Cyber Security Agency of Singapore (CSA) said in an advisory:

There have been reports of active exploitation of a high-severity vulnerability affecting Google Chrome.

This vulnerability, CVE-2024-4947, affects Google Chrome versions before 125.0.6422.60. The National Vulnerability Database describes it as,

Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

To be secure, Chrome has already patched it; therefore, you need to update the browser to the latest version.

SingCERT further mentioned that the vulnerability is caused by a type confusion bug in the V8 JavaScript engine, which is also affecting other Chromium-based browsers like Edge.

The United States National Institute of Standards and Technology has also asked users and administrators affected by the vulnerability to apply mitigations per vendor instructions or discontinue the use of the product if mitigations are unavailable.

Given the security vulnerabilities being exploited now and then, keeping every software in your computer up to date is important.

How do you keep track of your outdated apps? Share your views with our readers in the comments section below.