The Chrome team has officially announced the release of Chrome 129, which is now available on the stable channel for Windows, Mac, and Linux.
This update, which will be gradually rolled out over the coming days and weeks, addresses several security vulnerabilities and introduces various improvements. Users are encouraged to update their browsers to benefit from these enhancements.
Chrome 129.0.6668.58 for Linux and 129.0.6668.58/.59 for Windows and Mac includes nine security fixes, some of which were contributed by external researchers.
The details of these fixes will remain restricted until most users have updated their browsers to ensure security across all platforms.
Decoding Compliance: What CISOs Need to Know – Join Free Webinar
The following table highlights some of the key security issues addressed in this release:
| Severity | CVE ID | Description | Reward | Date Reported |
| High | CVE-2024-8904 | Type Confusion in V8 | N/A | 2024-09-08 |
| Medium | CVE-2024-8905 | Inappropriate implementation in V8 | $8000 | 2024-08-15 |
| Medium | CVE-2024-8906 | Incorrect security UI in Downloads | $2000 | 2024-07-12 |
| Medium | CVE-2024-8907 | Insufficient data validation in Omnibox | $1000 | 2024-08-18 |
| Low | CVE-2024-8908 | Inappropriate implementation in Autofill | $1000 | 2024-04-26 |
| Low | CVE-2024-8909 | Inappropriate implementation in UI | $1000 | 2024-05-18 |
In addition to these externally reported issues, the Chrome team has implemented various internal security fixes through audits, fuzzing, and other initiatives.
The Chrome team continues prioritizing security by working with researchers and utilizing advanced tools such as AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, and AFL to detect vulnerabilities.
These efforts are part of an ongoing commitment to maintaining a secure browsing experience for all users.
Users interested in exploring different release channels or reporting new issues can find more information on the Chrome Security Page or participate in the community help forum.
As always, the Chrome team appreciates the contributions of security researchers worldwide who help prevent vulnerabilities from reaching the stable channel.
Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14-day free trial
Google is rolling out a new privacy-focused feature called Shielded Email, designed to prevent apps and…
Cybersecurity experts are warning of an increasing trend in fileless attacks, where hackers leverage PowerShell…
Unit 42 researchers have observed a threat actor group known as JavaGhost exploiting misconfigurations in…
A new variant of malware, dubbed "Poco RAT," has emerged as a potent espionage tool…
The United States has suspended offensive cyber operations against Russia under an order issued by…
Cybersecurity researchers have uncovered a sophisticated phishing campaign leveraging Google Ads and PayPal’s infrastructure to…