Google Urges Immediate Chrome Update After Active Zero-Day Exploits Are Found

Google has released an emergency security update for Chrome after its Threat Analysis Group identified three zero-day vulnerabilities that were being actively exploited in the wild. The flaws, tracked as CVE-2024-9862, CVE-2024-9863, and CVE-2024-9864, affect the browser’s handling of memory and sandbox protections, creating opportunities for attackers to execute malicious code and potentially escape Chrome’s security boundaries.

According to Google, the issues include out-of-bounds memory access bugs and sandbox escape techniques, with the attacks primarily targeting Windows users. The company has urged users to update immediately to Chrome version 129.0.6668.100, which contains fixes for the vulnerabilities.

Security researchers say the discovery underscores the ongoing risk posed by sophisticated threat actors, including nation-state groups that often exploit browser flaws to gain initial access to systems. Because Chrome is widely used across both consumer and enterprise environments, unpatched browsers can become a high-value target for cyberattacks.

Experts recommend that users and organizations apply the update as soon as possible and verify that automatic updates are enabled. Keeping browsers current remains one of the most effective ways to reduce exposure to active exploitation campaigns.