Categories: ChromeCVE/vulnerabilitycyber securityCyber Security NewsVulnerability

Chrome Security Update: Patch for Multiple Vulnerabilities

Google has announced a critical security update for its Chrome browser, addressing several vulnerabilities that malicious actors could exploit.

The Stable channel has been updated to version 127.0.6533.99/.100 for Windows and Mac and 127.0.6533.99 for Linux. This update will be rolled out over the coming days and weeks.

Security Fixes and Rewards

The latest Chrome update includes five significant security fixes, with contributions from external security researchers. The details of these fixes are as follows:

How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide

  1. Critical CVE-2024-7532: Out-of-bounds memory access in ANGLE, reported by wgslfuzz on July 2, 2024.
  2. High CVE-2024-7533: Use after free in Sharing, reported by lime(@limeSec_) from the TIANGONG Team of Legendsec at QI-ANXIN Group on July 17, 2024. This fix earned a reward of $11,000.
  3. High CVE-2024-7550: Type Confusion in V8, reported by Zhenghang Xiao (@Kipreyyy) on July 25, 2024, with a reward of $7,000.
  4. High CVE-2024-7534: Heap buffer overflow in Layout, reported by Tashita Software Security on July 11, 2024.
  5. High CVE-2024-7535: Inappropriate implementation in V8, reported by Tashita Software Security on July 12, 2024.
  6. High CVE-2024-7536: Use after free in WebAudio, reported by Cassidy Kim (@cassidy6564) on July 23, 2024.

Google has noted that access to bug details and links may be restricted until most users are updated with the fix. This precautionary measure ensures that malicious actors do not exploit these vulnerabilities before users can update their browsers.

Additionally, restrictions will remain if the bug exists in a third-party library that other projects similarly depend on but have not yet fixed.

Google expressed gratitude to all security researchers who collaborated during the development cycle to prevent security bugs from reaching the stable channel.

The company encourages users interested in switching release channels to learn how to do it on their official page.

They also invite users to report new issues by filing a bug or seeking assistance through the community help forum. Users can visit the Chrome Security Page for more information on the security fixes and to stay updated on future releases.

Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Leave a Comment
Share
Published by
Divya
Tags: cyber securityCyber Security NewsVulnerability
3 months ago

Recent Posts

Cisco ASA Devices Vulnerable to SSH Remote Command Injection Flaw

Cisco has issued a critical security advisory regarding a vulnerability in its Adaptive Security Appliance…

1 hour ago

Google Patches Multiple Chrome Security Vulnerabilities

Google has released several security patches for its Chrome browser, addressing critical vulnerabilities that malicious…

2 hours ago

Grayscale Investments Data Breach Exposes 693K User Records Reportedly Affected

Grayscale Investments, a prominent crypto asset manager, has reportedly suffered a data breach affecting 693,635…

22 hours ago

Threat Actors Allegedly Selling Database of 1,000 NHS Email Accounts

A database containing over 1,000 email accounts associated with the National Health Service (NHS) has…

22 hours ago

Mallox Ransomware Vulnerability Lets Victims Decrypt Files

Researchers from Avast have uncovered a vulnerability in the cryptographic schema of the Mallox ransomware,…

24 hours ago

Red Hat NetworkManager Flaw Allows Hackers to Gain Root Access

A recently discovered vulnerability in Red Hat's NetworkManager, CVE-2024-8260, has raised concerns in the cybersecurity…

1 day ago