Google Chrome Security, Critical Vulnerabilities Patched

Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions of users worldwide.

The latest Stable channel update, version 130.0.6723.91/.92 for Windows and Mac and 130.0.6723.91 for Linux will be rolled out over the coming days and weeks.

This update extends to the Extended Stable channel with version 130.0.6723.92 for Windows and Mac.

Protecting Your Networks & Endpoints With UnderDefense MDR – Request Free Demo

Vulnerabilities Fixes

The update includes two crucial security fixes, underscoring Google’s commitment to maintaining a secure browsing environment.

Notably, these fixes were contributed by external researchers, highlighting the collaborative efforts in the cybersecurity community.

1. CVE-2024-10487: Out of Bounds Write in Dawn
   • Severity: Critical. This vulnerability involved an out-of-bounds write issue in Dawn, a graphics abstraction layer used in Chrome. Such vulnerabilities can allow attackers to execute arbitrary code on a user’s system, making it critical to address promptly.
2. CVE-2024-10488: Use After Free in WebRTC
   • Severity: High. This issue was identified in WebRTC, a technology enabling real-time communication in browsers. A use-after-free vulnerability can lead to unexpected behavior or even allow attackers to take control of a system.

Google continues prioritizing user safety by restricting access to bug details and links until most users have received the updates.

This cautious approach ensures that potential exploits remain undisclosed until systems are adequately protected. 

Moreover, Google remains vigilant about vulnerabilities in third-party libraries that other projects depend on but may not have addressed.

By maintaining these restrictions, Google helps safeguard Chrome users and the broader software ecosystem.

Google acknowledges and appreciates the invaluable contributions of security researchers who collaborate during the development cycle to prevent security bugs from reaching the stable channel. Their efforts play a crucial role in enhancing Chrome’s security framework.

Google provides resources and forums for assistance and community support for users interested in exploring different release channels or reporting new issues.

Users are encouraged to file bug reports if they encounter new issues and engage with the community help forum for guidance on common problems.

Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!