Google Deploys Emergency Chrome Patches for Actively Exploited Zero‑Days

Google issued emergency updates for Chrome to fix two critical zero‑day flaws that are currently being weaponized in the wild. Both vulnerabilities provide a remote code execution (RCE) chain that can bypass Chrome’s sandbox and other isolation mechanisms, allowing an attacker to run arbitrary code on the victim’s machine with the privileges of the user running the browser.

Defenders must prioritize patching all Chrome installations immediately, verify that the updated version (≥ 118.0.5993.89) is deployed across endpoints, and enforce automatic updates where possible. In the meantime, monitor for exploit indicators such as suspicious JavaScript activity, unexpected child‑process creation, or anomalous network traffic to known C2 domains linked to the exploit kits. Rapid remediation and vigilant detection are essential to prevent compromise and lateral movement.

Categories: Vulnerabilities & Exploits

Source: Read original article