Google has announced a significant security update for its Chrome browser, addressing 17 vulnerabilities in the latest build.
The update, which affects the Stable and Extended Stable channels, will roll out over the coming days and weeks for Windows, Mac, and Linux users.
The Stable channel has been updated to versions 130.0.6723.58/.59 for Windows and Mac and 130.0.6723.58 for Linux.
Meanwhile, the Extended Stable channel has been updated to version 130.0.6723.59 for Windows and Mac. These updates are part of Google’s ongoing efforts to enhance browser security and protect users from threats.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
In this update, Google has patched 17 security vulnerabilities, with several fixes contributed by external researchers.
The company has awarded $66,000 in rewards to those who reported these issues. The table below summarizes the key vulnerabilities patched:
| Severity | CVE ID | Description | Reward |
| High | CVE-2024-9954 | Use after free in AI | $36,000 |
| Medium | CVE-2024-9955 | Use after free in Web Authentication | $6,000 |
| Medium | CVE-2024-9956 | Inappropriate implementation in Web Auth | $6,000 |
| Medium | CVE-2024-9957 | Use after free in UI | $5,000 |
| Medium | CVE-2024-9958 | Inappropriate implementation in PictureInPicture | $5,000 |
| Medium | CVE-2024-9959 | Use after free in DevTools | $4,000 |
| Medium | CVE-2024-9960 | Use after free in Dawn | $2,000 |
| Medium | CVE-2024-9961 | Use after free in Parcel Tracking | $2,000 |
| Medium | CVE-2024-9962 | Inappropriate implementation in Permissions | $1,000 |
| Medium | CVE-2024-9963 | Insufficient data validation in Downloads | TBD |
| Low | CVE-2024-9964 | Inappropriate implementation in Payments | $3,000 |
| Low | CVE-2024-9965 | Insufficient data validation in DevTools | $1,000 |
| Low | CVE-2024-9966 | Inappropriate implementation in Navigations | $1,000 |
Google continues to emphasize its commitment to security through internal audits and collaborations with external researchers.
The company utilizes tools such as AddressSanitizer and MemorySanitizer to detect vulnerabilities proactively.
Access to detailed bug information remains restricted until most users have applied the update to ensure comprehensive protection.
How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide(PDF)
Malicious actors have taken cybercrime to new heights by exploiting captcha verification pages, a typically…
Critical Authentication Bypass Vulnerability Identified in Hitachi Infrastructure Analytics Advisor and Ops Center Analyzer. A…
The healthcare communication platform ConnectOnCall, operated by ConnectOnCall.com, LLC, has confirmed a significant data breach…
Kali Linux has unveiled its final release for 2024, version Kali Linux 2024.4, packed with…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert, adding two significant…
It’s clear that a person’s reputation is increasingly influenced by their online presence, which spans…