Google has released a critical security update for its Chrome browser, addressing three high-severity vulnerabilities that could potentially expose users to significant risks.
The latest update, version 131.0.6778.139/.140 for Windows and Mac and 131.0.6778.139 for Linux, is being rolled out gradually and is expected to reach all users in the coming days and weeks.
Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar
High-severity Vulnerabilities Addressed
The update focuses on patching three major security flaws:
- Type Confusion in V8: A high-severity vulnerability (CVE-2024-12381) was discovered by security researcher Seunghyun Lee (@0x10n) on December 2, 2024. This flaw in Chrome’s V8 JavaScript engine could potentially allow attackers to execute arbitrary code or cause system crashes.
- Use-after-free in Translate: Another high-severity issue (CVE-2024-12382) reported by a researcher known as lime(@limeSec_) from the TIANGONG Team of Legendsec at QI-ANXIN Group on November 18, 2024. This vulnerability in Chrome’s translation feature could lead to memory corruption and potential exploitation.
- Undisclosed High-Severity Flaw: Details of the third high-severity vulnerability have not been disclosed, which is likely to prevent potential exploitation before users have a chance to update.
Google’s swift response to these vulnerabilities underscores the critical nature of the security risks. Users are strongly advised to update their Chrome browsers immediately to mitigate potential threats.
The update process is typically automatic, but users can manually check for updates by navigating to Chrome’s settings and clicking on “About Chrome”.
This latest update is part of Google’s continuous efforts to enhance Chrome’s security. The company acknowledges the contributions of external security researchers and its internal security team in identifying and addressing these vulnerabilities.
Google employs various advanced techniques, including AddressSanitizer, MemorySanitizer, and Control Flow Integrity, to detect and prevent security bugs.
As cyber threats continue to evolve, keeping web browsers updated remains a critical aspect of online security. Chrome users are encouraged to install this latest update promptly to ensure their browsing experience remains secure.
With over 3 billion users worldwide, Chrome’s security updates have far-reaching implications for global internet safety.
The timely identification and patching of these high-severity vulnerabilities demonstrate the effectiveness of Google’s security measures and the importance of collaboration between tech giants and the wider security research community in safeguarding users against potential cyber threats.
Investigate Real-World Malicious Links,Malware & Phishing Attacks With ANY.RUN - Try for Free
The post Chrome Security Update, Patch for 3 High-severity Vulnerabilities appeared first on Cyber Security News.
