Cyber Security News

Chrome Security Update, Patch For Multiple Vulnerabilities

Google has released a new update on the Stable channel for its Chrome browser, addressing a series of security vulnerabilities.

The update has been rolled out as version 131.0.6778.139/.140 for Windows and Mac, and 131.0.6778.139 for Linux.

Users can expect the patch to become available over the coming days and weeks. A comprehensive list of changes in this build is accessible in the official Chrome changelog log.

Security Fixes and Highlights

According to the Chrome Blog, the latest update includes three critical security fixes, two of which were identified by external researchers.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar

Google has temporarily restricted access to bug details to ensure most users are protected before full disclosure.

Additionally, details will remain limited if the issues stem from third-party libraries still awaiting a resolution. Here is a breakdown of the notable fixes:

  • CVE-2024-12381: Type Confusion in V8
    • Severity: High
    • The flaw in V8, Chrome’s JavaScript engine, could potentially allow attackers to execute arbitrary code by exploiting type confusion errors.
  • CVE-2024-12382: Use-After-Free in Translate
    • Severity: High
    • This vulnerability involves a use-after-free issue in the translation feature, which might allow malicious actors to gain unauthorized access or crash the browser.

Google expressed its gratitude to all external contributors who reported these vulnerabilities and collaborated to enhance Chrome’s security posture.

The company also highlighted the importance of internal audits, fuzz testing, and other proactive measures that helped uncover additional vulnerabilities addressed in this release.

Chrome users are urged to update their browsers immediately to stay protected from these critical exploits.

To update, navigate to Settings > About Chrome and ensure you’re using the latest version. Regular updates are essential to guard against potential security risks and maintain a safe browsing experience.

Investigate Real-World Malicious Links,Malware & Phishing Attacks With ANY.RUN - Try for Free

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Leave a Comment
Share
Published by
Divya
Tags: cyber securityCyber Security NewsVulnerability
2 months ago

Recent Posts

Widespread Exploitation of ThinkPHP and OwnCloud Flaws by Cybercriminals

 GreyNoise has detected a significant surge in exploitation activity targeting two vulnerabilities — CVE-2022-47945 and…

2 minutes ago

Windows 11 Compression Features Pose libarchive Security Threats

Microsoft's ongoing efforts to enhance user experience in Windows 11 have introduced native support for…

13 minutes ago

Breaking macOS Apple Silicon Kernel Hardening: KASLR Exploited

Security researchers from Korea University have successfully demonstrated a groundbreaking attack, dubbed SysBumps, which bypasses…

57 minutes ago

New Malware Abuses Microsoft Graph API to Communicate via Outlook

A newly discovered malware, named FINALDRAFT, has been identified leveraging Microsoft Outlook as a command-and-control…

1 hour ago

RedNote App Security Flaw Exposes User Files on iOS and Android Devices

Serious security vulnerabilities have been uncovered in the popular social media and content-sharing app, RedNote,…

1 hour ago

Winnti Hackers Attacking Japanese Organisations with New Malware

The China-based Advanced Persistent Threat (APT) group known as the Winnti Group, also referred to…

2 hours ago