Google has announced a significant security update for its Chrome browser, addressing 17 vulnerabilities in the latest build.
The update, which affects the Stable and Extended Stable channels, will roll out over the coming days and weeks for Windows, Mac, and Linux users.
The Stable channel has been updated to versions 130.0.6723.58/.59 for Windows and Mac and 130.0.6723.58 for Linux.
Meanwhile, the Extended Stable channel has been updated to version 130.0.6723.59 for Windows and Mac. These updates are part of Google’s ongoing efforts to enhance browser security and protect users from threats.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
In this update, Google has patched 17 security vulnerabilities, with several fixes contributed by external researchers.
The company has awarded $66,000 in rewards to those who reported these issues. The table below summarizes the key vulnerabilities patched:
| Severity | CVE ID | Description | Reward |
| High | CVE-2024-9954 | Use after free in AI | $36,000 |
| Medium | CVE-2024-9955 | Use after free in Web Authentication | $6,000 |
| Medium | CVE-2024-9956 | Inappropriate implementation in Web Auth | $6,000 |
| Medium | CVE-2024-9957 | Use after free in UI | $5,000 |
| Medium | CVE-2024-9958 | Inappropriate implementation in PictureInPicture | $5,000 |
| Medium | CVE-2024-9959 | Use after free in DevTools | $4,000 |
| Medium | CVE-2024-9960 | Use after free in Dawn | $2,000 |
| Medium | CVE-2024-9961 | Use after free in Parcel Tracking | $2,000 |
| Medium | CVE-2024-9962 | Inappropriate implementation in Permissions | $1,000 |
| Medium | CVE-2024-9963 | Insufficient data validation in Downloads | TBD |
| Low | CVE-2024-9964 | Inappropriate implementation in Payments | $3,000 |
| Low | CVE-2024-9965 | Insufficient data validation in DevTools | $1,000 |
| Low | CVE-2024-9966 | Inappropriate implementation in Navigations | $1,000 |
Google continues to emphasize its commitment to security through internal audits and collaborations with external researchers.
The company utilizes tools such as AddressSanitizer and MemorySanitizer to detect vulnerabilities proactively.
Access to detailed bug information remains restricted until most users have applied the update to ensure comprehensive protection.
How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide(PDF)
Cybersecurity researcher "0xdf" has cracked the "Ghost" challenge on Hack The Box (HTB), a premier…
Google has unveiled Sec-Gemini v1, an AI model designed to redefine cybersecurity operations by empowering…
The United States has successfully extradited two Kosovo nationals, Ardit Kutleshi, 26, and Jetmir Kutleshi,…
Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect…
A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how…
EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of operational…