The Chrome team has officially announced the release of Chrome 131 for Windows, Mac, and Linux. The new version, Chrome 131.0.6778.69 for Linux and 131.0.6778.69/.70 for Windows and Mac is set to roll out to users over the coming days and weeks.
This update includes several security fixes, performance improvements, and other enhancements, making Chrome even more secure and efficient for its global user base.
As with every version update, Chrome 131 comes with several under-the-hood improvements.
While the full list of changes can be found in the official Chrome log, users can also look forward to upcoming blog posts from Chrome and Chromium that will outline new features and significant efforts delivered in this version.
Free Ultimate Continuous Security Monitoring Guide - Download Here (PDF)
Security remains a top priority for Google, and Chrome 131 addresses multiple vulnerabilities to ensure safer browsing for users.
In total, 12 security issues have been fixed in this release, many of which were identified by external researchers.
Google will restrict access to the detailed bug reports until a majority of users have updated to the latest version to prevent potential exploitation.
If the vulnerabilities affect third-party libraries that other projects rely on, access to details may remain restricted.
Below is a detailed list of the security vulnerabilities addressed in Chrome 131, including the relevant CVE (Common Vulnerabilities and Exposures) identifiers, descriptions, severity levels, and who reported them.
CVE ID | Severity | Vulnerability Description | Date Reported |
---|---|---|---|
CVE-2024-11110 | High | Inappropriate implementation in Blink | 2024-10-14 |
CVE-2024-11111 | Medium | Inappropriate implementation in Autofill | 2024-08-18 |
CVE-2024-11112 | Medium | Use after free in Media | 2024-07-23 |
CVE-2024-11113 | Medium | Use after free in Accessibility | 2024-08-16 |
CVE-2024-11114 | Medium | Inappropriate implementation in Views | 2024-10-02 |
CVE-2024-11115 | Medium | Insufficient policy enforcement in Navigation | 2024-10-07 |
CVE-2024-11116 | Medium | Inappropriate implementation in Paint | 2023-11-14 |
CVE-2024-11117 | Low | Inappropriate implementation in FileSystem | 2023-01-06 |
In addition to the fixes contributed by external researchers, Google’s ongoing internal security efforts have played a crucial role in addressing various issues.
Through internal audits, fuzzing, and other initiatives, several vulnerabilities were identified and fixed before they could affect users.
Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!
Recent research has revealed that a Russian advanced persistent threat (APT) group, tracked as "GruesomeLarch"…
Microsoft's Digital Crimes Unit (DCU) has disrupted a significant phishing-as-a-service (PhaaS) operation run by Egypt-based…
The Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in Central…
Earth Kasha, a threat actor linked to APT10, has expanded its targeting scope to India,…
Raspberry Robin, a stealthy malware discovered in 2021, leverages advanced obfuscation techniques to evade detection…
Critical infrastructure, the lifeblood of modern society, is under increasing threat as a new report…