Security Advisory: Critical Chrome Vulnerability CVE-2024-7965 Actively Exploited

Difenda is alerting all clients to a critical vulnerability in Google Chrome, identified as CVE-2024-7965. This flaw, patched in the recent Chrome update (version 128.0.6613.84), has been actively exploited in the wild, putting users at risk. The vulnerability is an inappropriate implementation bug within the V8 JavaScript and WebAssembly engine, which could allow remote attackers to exploit heap corruption via a crafted HTML page. Chrome users are strongly urged to update their browsers immediately to avoid potential exploitation.

Critical Chrome Vulnerability CVE-2024-7965 Actively Exploited Technical Overview

CVE-2024-7965 has been categorized as a high-severity vulnerability due to its potential impact. The flaw is rooted in the V8 engine, which is responsible for processing JavaScript and WebAssembly within the Chrome browser. When successfully exploited, this bug allows a crafted HTML page to corrupt the heap memory, which could enable arbitrary code execution by an attacker.

The vulnerability was reported by a security researcher known as “TheDog” on July 30, 2024, earning them a bug bounty of $11,000. Google has confirmed that this vulnerability is being actively exploited in the wild, though details about the threat actors or specific attack vectors remain undisclosed.

Google has addressed several critical zero-day vulnerabilities in Chrome throughout 2024, highlighting the ongoing efforts by threat actors to exploit browser vulnerabilities. Other notable vulnerabilities include CVE-2024-0519 (Out-of-bounds memory access in V8), CVE-2024-2886 (Use-after-free in WebCodecs), and multiple type confusion issues within the V8 engine.

What We Suggest to Mitigate Critical Chrome Vulnerability CVE-2024-7965 Actively Exploited

• Update Chrome Immediately: Users should update their Chrome browser to version 128.0.6613.84/.85 on Windows and macOS, and 128.0.6613.84 on Linux. This can be done by navigating to Chrome > Settings > About Chrome, which will trigger an automatic update if available.
• Monitor for Unusual Activity: Organizations should monitor network traffic and endpoints for any unusual behavior that may indicate exploitation attempts targeting this vulnerability.
• Deploy Endpoint Protection: Ensure endpoint security solutions are up to date and configured to detect and block potential exploitation of Chrome vulnerabilities.
• Consider Browser Isolation: For high-risk environments, consider implementing browser isolation techniques to minimize the attack surface available to exploit web-based vulnerabilities.
• User Education: Inform users about the importance of regularly updating their browsers and the risks of visiting untrusted websites, which could host maliciously crafted HTML pages.

What Our Threat Intelligence Team is Doing

Difenda can identify and monitor vulnerable devices within our clients’ networks. This visibility allows us to provide proactive alerts and ensure timely patching to mitigate potential risks associated with these newly disclosed vulnerabilities.