Thursday, February 13, 2025
Follow us On Linkedin
HomeChromeChrome Security Update, Patch For Multiple Vulnerabilities

Chrome Security Update, Patch For Multiple Vulnerabilities

ChromeCVE/vulnerabilityCyber Security NewsVulnerability

Published on

By Divya
Chrome Security Update, Patch For Multiple Vulnerabilities

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Google has released a new update on the Stable channel for its Chrome browser, addressing a series of security vulnerabilities.

The update has been rolled out as version 131.0.6778.139/.140 for Windows and Mac, and 131.0.6778.139 for Linux.

Users can expect the patch to become available over the coming days and weeks. A comprehensive list of changes in this build is accessible in the official Chrome changelog log.

Security Fixes and Highlights

According to the Chrome Blog, the latest update includes three critical security fixes, two of which were identified by external researchers.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar

Google has temporarily restricted access to bug details to ensure most users are protected before full disclosure.

Additionally, details will remain limited if the issues stem from third-party libraries still awaiting a resolution. Here is a breakdown of the notable fixes:

  • CVE-2024-12381: Type Confusion in V8
    • Severity: High
    • The flaw in V8, Chrome’s JavaScript engine, could potentially allow attackers to execute arbitrary code by exploiting type confusion errors.
  • CVE-2024-12382: Use-After-Free in Translate
    • Severity: High
    • This vulnerability involves a use-after-free issue in the translation feature, which might allow malicious actors to gain unauthorized access or crash the browser.

Google expressed its gratitude to all external contributors who reported these vulnerabilities and collaborated to enhance Chrome’s security posture.

The company also highlighted the importance of internal audits, fuzz testing, and other proactive measures that helped uncover additional vulnerabilities addressed in this release.

Chrome users are urged to update their browsers immediately to stay protected from these critical exploits.

To update, navigate to Settings > About Chrome and ensure you’re using the latest version. Regular updates are essential to guard against potential security risks and maintain a safe browsing experience.

Investigate Real-World Malicious Links,Malware & Phishing Attacks With ANY.RUN - Try for Free

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Chrome

Critical Chrome Flaw Allows Attackers to Remotely Execute Code

Google has released an urgent update for its Chrome browser to address a critical...
Cyber Security News

Global IoT Data Leak Exposes 2.7 Billion Records and Wi-Fi Passwords Worldwide

A massive security lapse has exposed over 2.7 billion records, including sensitive Wi-Fi credentials,...
CVE/vulnerability

Palo Alto PAN-OS Zero-Day Flaw Allows Attackers to Bypass Web Interface Authentication

Palo Alto Networks has disclosed a zero-day vulnerability in its PAN-OS software (CVE-2025-0108), allowing...
cyber security

Enhancing Threat Detection With Improved Metadata & MITRE ATT&CK tags

The cybersecurity landscape continues to evolve rapidly, demanding more sophisticated tools and methodologies to...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

Chrome

Critical Chrome Flaw Allows Attackers to Remotely Execute Code

Google has released an urgent update for its Chrome browser to address a critical...
Cyber Security News

Global IoT Data Leak Exposes 2.7 Billion Records and Wi-Fi Passwords Worldwide

A massive security lapse has exposed over 2.7 billion records, including sensitive Wi-Fi credentials,...
CVE/vulnerability

Palo Alto PAN-OS Zero-Day Flaw Allows Attackers to Bypass Web Interface Authentication

Palo Alto Networks has disclosed a zero-day vulnerability in its PAN-OS software (CVE-2025-0108), allowing...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved