Google Issues Emergency Chrome Fix for Actively Exploited Zero-Day CVE-2024-9430

Google has released an emergency security update for its Chrome browser to address a critical zero-day vulnerability tracked as CVE-2024-9430. The flaw affects the browser’s V8 JavaScript engine and is believed to be actively exploited in the wild, prompting the company to move quickly with a patched release.

According to Google, the vulnerability could allow remote attackers to bypass Chrome’s sandbox protections by luring users to specially crafted HTML pages. If successfully exploited, the issue could give attackers a path to run malicious code or gain deeper access to a compromised system, increasing the risk of data theft, malware installation, and broader network intrusion.

The company is urging all users to update Chrome immediately to version 129.0.6668.100 or later. Security experts say rapid patching is especially important for zero-day flaws, which are often weaponized before many users have a chance to install fixes.

Chrome typically updates automatically, but users can manually check for the latest version through the browser’s settings menu. Organizations are also advised to verify that managed devices receive the patch without delay, as browsers remain a common entry point for attackers targeting both individuals and enterprise environments.