Chrome Security Updates – Google Fixed 4 Severe Vulnerabilities – Update Now

Google released a security update for Chrome with the fixes of critical and High severity vulnerabilities with Chrome 77.0.3865.90, a Stable channel update for Windows, Mac, and Linux.

Google fixed 4 vulnerabilities that affected Chrome browser, in which 1 vulnerability marked as “Critical” and other 3 vulnerabilities are fixed under “High” severity.

Successful exploitation of the most severe critical Use-after-free vulnerability in UI Reported by Khalil Zhani could allow an attacker to execute arbitrary code in the context of the browser.

The attacker will redirect the victims to access a specially crafted web page and exploit the vulnerability to take control of the system.

Vulnerability Details:

Based on the privilege that associated with a module, attacker gain exploit the vulnerability and execute the malicious program into the victim’s machine.

Chrome Users are highly recommended to apply the stable channel update provided by Google to vulnerable systems immediately after appropriate testing in both enterprise and individuals.

Google rewarded $40000 for the 2 high severity Use-after-free in media vulnerabilities reported by Man Yue Mo of Semmle Security Research Team.

According to Chrome press release notes ” Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL. “

How to Update

Steps to update for Windows, Mac, and Linux desktop users

  1. Open Chrome browser
  2. Head to Settings
  3. Expand help
  4. About Google Chrome
  5. The browser will process the update

Android and iOS users can update the Chrome browser app from their respective App stores.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting the growing, widespread use and potential…

9 hours ago

C2A Security’s EVSec Risk Management and Automation Platform Gains Automotive Industry Favor as Companies Pursue Regulatory Compliance

In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers, successful evaluations, and partnerships such…

10 hours ago

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and education. The latest update, Wireshark 4.2.4,…

12 hours ago

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered platform designed to redefine how we…

13 hours ago

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information and grant unauthorized access. It's an…

14 hours ago

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including two zero-day exploits showcased at the…

17 hours ago