Google has released several security patches for its Chrome browser, addressing critical vulnerabilities that malicious actors could exploit.
The update is now available on the Stable channel, with version 130.0.6723.69/.70 for Windows and Mac and version 130.0.6723.69 for Linux. The rollout is expected to reach users over the coming days and weeks.Â
The Extended Stable channel has also been updated to version 130.0.6723.70 for Windows and Mac.
As is customary, Google has restricted access to detailed information about these vulnerabilities until most users have applied the update, ensuring that potential threats are mitigated before they can be exploited.Â
National Cybersecurity Awareness Month Cyber Challenges – Test your Skills Now
This update addresses three significant security issues, all classified as high severity:
- CVE-2024-10229: Inappropriate Implementation in Extensions
This vulnerability was reported by Vsevolod Kokorin (Slonser) of Solidlab on October 2, 2024. It involves an inappropriate implementation within Chrome’s extensions, potentially allowing attackers to exploit this flaw for malicious purposes. - CVE-2024-10230: Type Confusion in V8
Seunghyun Lee (@0x10n) reported on October 5, 2024, that this vulnerability pertains to a type confusion issue in V8, Chrome’s JavaScript engine. Type confusion errors can lead to arbitrary code execution, making them particularly dangerous if left unpatched. - CVE-2024-10231: Type Confusion in V8
Seunghyun Lee (@0x10n) reported another type of confusion vulnerability in V8 on October 9, 2024. Similar to CVE-2024-10230, this flaw could allow attackers to execute arbitrary code on affected systems.
Google has expressed gratitude to the security researchers who reported these vulnerabilities and contributed to making Chrome safer for all users.
The company encourages users to update their browsers promptly to benefit from these crucial security fixes.Â
Users interested in exploring different release channels or encountering new issues are encouraged to visit Google’s community help forum or file a bug report directly with the company for assistance and further information.Â
As always, Google remains committed to maintaining the security and integrity of its browser by continuously working with external researchers and updating its software to address potential vulnerabilities before they become widespread threats.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here