Google has pushed out an urgent Chrome browser update to fix a trio of high-severity security defects and warned that one of the bugs is already being exploited in the wild.
As is customary, Google did not provide any additional details on scope of the observed attacks or share telemetry to help defenders hunt for signs of compromise.
A barebones advisory simply notes: “Google is aware of reports that an exploit for CVE-2024-0519 exists in the wild.”
The company said the zero-day was reported anonymously.
The latest Chrome browser refresh also provides cover for two additional memory safety issues in V8 that are rated high-risk. Google said the update also includes multiple fixes found internally from audits, fuzzing and other initiatives.
The new security patch comes just weeks after Google shipped patches for multiple memory safety issues that expose users to code execution attacks.
In 2023, Google patched at least seven zero-days discovered during in-the-wild exploitation.