Friday, November 1, 2024
HomeCyber Security NewsGoogle Patches Multiple Chrome Security Vulnerabilities

Google Patches Multiple Chrome Security Vulnerabilities

Published on

Malware protection

Google has released several security patches for its Chrome browser, addressing critical vulnerabilities that malicious actors could exploit.

The update is now available on the Stable channel, with version 130.0.6723.69/.70 for Windows and Mac and version 130.0.6723.69 for Linux. The rollout is expected to reach users over the coming days and weeks. 

The Extended Stable channel has also been updated to version 130.0.6723.70 for Windows and Mac.

- Advertisement - SIEM as a Service

As is customary, Google has restricted access to detailed information about these vulnerabilities until most users have applied the update, ensuring that potential threats are mitigated before they can be exploited. 

National Cybersecurity Awareness Month Cyber Challenges – Test your Skills Now

This update addresses three significant security issues, all classified as high severity:

  1. CVE-2024-10229: Inappropriate Implementation in Extensions
    This vulnerability was reported by Vsevolod Kokorin (Slonser) of Solidlab on October 2, 2024. It involves an inappropriate implementation within Chrome’s extensions, potentially allowing attackers to exploit this flaw for malicious purposes.
  2. CVE-2024-10230: Type Confusion in V8
    Seunghyun Lee (@0x10n) reported on October 5, 2024, that this vulnerability pertains to a type confusion issue in V8, Chrome’s JavaScript engine. Type confusion errors can lead to arbitrary code execution, making them particularly dangerous if left unpatched.
  3. CVE-2024-10231: Type Confusion in V8
    Seunghyun Lee (@0x10n) reported another type of confusion vulnerability in V8 on October 9, 2024. Similar to CVE-2024-10230, this flaw could allow attackers to execute arbitrary code on affected systems.

Google has expressed gratitude to the security researchers who reported these vulnerabilities and contributed to making Chrome safer for all users.

The company encourages users to update their browsers promptly to benefit from these crucial security fixes. 

Users interested in exploring different release channels or encountering new issues are encouraged to visit Google’s community help forum or file a bug report directly with the company for assistance and further information. 

As always, Google remains committed to maintaining the security and integrity of its browser by continuously working with external researchers and updating its software to address potential vulnerabilities before they become widespread threats.

Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here


Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...