软餐获悉,Google 在日前发布的 Chrome 125 稳定版中修复了 9 个安全漏洞,其中包括 1 个零日漏洞 CVE-2024-4947。这也是今年该浏览器发现的第六个零日漏洞。更新后,Chrome 浏览器版本号将更新到 125.0.6422.60(Linux/Windows)和 125.0.6422.60/.61(macOS)。具体而言,漏洞 CVE-2024-4947 可能导致受害者点击网络钓鱼页面后,攻击者可能在沙盒环境中远程执行代码。
Google has addressed nine security vulnerabilities, including one zero-day vulnerability (CVE-2024-4947), in the recently released stable version of Chrome 125. This marks the sixth zero-day vulnerability discovered in the browser this year. Following the update, the Chrome browser version will be updated to 125.0.6422.60 (Linux/Windows) and 125.0.6422.60/.61 (macOS). Specifically, the CVE-2024-4947 vulnerability could potentially allow an attacker to remotely execute code within a sandbox environment if the victim clicks on a phishing webpage.