Chrome Security Update, Patch for High Severity Vulnerability
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Google has released a critical security update for its Chrome browser, addressing three high-severity vulnerabilities that could compromise user security.
The latest stable channel update, version 130.0.6723.69 for Linux and 130.0.6723.69/.70 for Windows and Mac includes patches for these significant security flaws.
Critical Vulnerabilities Addressed
Among the patched vulnerabilities is CVE-2024-10229, a high-severity flaw in Chrome’s Extensions component that could allow attackers to bypass site isolation protections.
This vulnerability poses a significant risk as it could enable unauthorized access to sensitive data across different sites.
Two additional types of confusion vulnerabilities in Chrome’s V8 engine, CVE-2024-10230, and CVE-2024-10231, were also patched.
According to Chrome advisory, these flaws could lead to heap corruption and allow attackers to execute arbitrary code on affected systems when users visit maliciously crafted websites.
External security researchers discovered and reported the vulnerabilities. Vsevolod Kokorin from Solidlab identified the Extensions implementation flaw, while security researcher Seunghyun Lee (@0x10n) reported both V8 engine vulnerabilities.
Google Chrome Update
The security update will automatically roll out to users over the coming days and weeks. However, given the severity of these vulnerabilities, users are strongly encouraged to manually update their browsers immediately. To update Chrome, users can:
Google temporarily restricts access to detailed vulnerability information until most users have updated their browsers to the latest version.
This practice helps protect users who haven’t yet received the update from potential exploitation of these security flaws.
#Cyber_Security #Cyber_Security_News #Vulnerability #chrome #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Chrome Security Update, Patch for High Severity Vulnerability
Author: Guru BaranGoogle has released a critical security update for its Chrome browser, addressing three high-severity vulnerabilities that could compromise user security.
The latest stable channel update, version 130.0.6723.69 for Linux and 130.0.6723.69/.70 for Windows and Mac includes patches for these significant security flaws.
Critical Vulnerabilities Addressed
Among the patched vulnerabilities is CVE-2024-10229, a high-severity flaw in Chrome’s Extensions component that could allow attackers to bypass site isolation protections.
This vulnerability poses a significant risk as it could enable unauthorized access to sensitive data across different sites.
Two additional types of confusion vulnerabilities in Chrome’s V8 engine, CVE-2024-10230, and CVE-2024-10231, were also patched.
According to Chrome advisory, these flaws could lead to heap corruption and allow attackers to execute arbitrary code on affected systems when users visit maliciously crafted websites.
External security researchers discovered and reported the vulnerabilities. Vsevolod Kokorin from Solidlab identified the Extensions implementation flaw, while security researcher Seunghyun Lee (@0x10n) reported both V8 engine vulnerabilities.
Google Chrome Update
The security update will automatically roll out to users over the coming days and weeks. However, given the severity of these vulnerabilities, users are strongly encouraged to manually update their browsers immediately. To update Chrome, users can:
- Open Chrome.
- Click on the three-dot menu in the top right corner.
- Select Help > About Google Chrome.
- Allow the browser to check for and install any available updates.
Google temporarily restricts access to detailed vulnerability information until most users have updated their browsers to the latest version.
This practice helps protect users who haven’t yet received the update from potential exploitation of these security flaws.
#Cyber_Security #Cyber_Security_News #Vulnerability #chrome #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
