Latest Chrome update patches zero-day CVE-2024-4947

The update includes a total of 9 security fixes

Reading time icon 2 min. read

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more


If you actively use Google Chrome, it’s time to update the web browser. The latest version, Google Chrome 125.0.6422.60, introduces a patch for an actively exploited zero-day vulnerability, CVE-2024-4947!

The vulnerability, assigned a Security Severity rating of High, was reported to Google by Vasily Berdnikov and Boris Larin from Kaspersky. The National Vulnerability Database describes it as,

Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

Type Confusion vulnerabilities are critical and must be resolved immediately. These grant threat actors out-of-bound memory access, allow them to execute code, and might even trigger a crash.

Along with CVE-2024-4947, the latest Chrome update brings security fixes for nine other vulnerabilities, including CVE-2024-4948, CVE-2024-4949, and CVE-2024-4950.

Depending on the operating system, you will need to download the following browser versions:

  • Linux: Chrome 125.0.6422.60
  • Windows/macOS: Chrome 125.0.6422.60/.61

To update Google Chrome > launch the browser > click the Customize and control Google Chrome option (ellipsis) near the top right > hover the cursor over Help > select About Google Chrome > wait for the update to install > then relaunch the browser.

Updating Google Chrome

The update is being gradually rolled out, so it might take a while to show up on your PC. Until then, be careful and don’t let threat actors exploit the CVE-2024-4947 vulnerability to attack your system.

On a similar note, this week, Microsoft fixed over 60 vulnerabilities across its offerings.

More about the topics: Google, Google Chrome