Google has released an emergency patch for CVE-2024-4947, the third Chrome zero-day vulnerability disclosed within a week. The exploit affects the Chrome V8 JavaScript engine with a type-confusion weakness, posing risks of browser crashes and potential code execution. Google confirmed the exploit's presence in the wild, prompting the release of version 125
0.6422.60/.61 for Mac/Windows and 125.0.6422.60 for Linux. Other Chromium-based browsers like Microsoft Edge are also impacted, with Microsoft actively working on a fix. This is the third zero-day patched by Google recently, following CVE-2024-4761 and CVE-2024-4671, with potentials for sandbox escape. https://www.darkreading.com/vulnerabilities-threats/patch-now-google-zero-day-exploit