Chrome Security Update, Fix For Multiple Vulnerabilities
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Google has rolled out a crucial security update for its Chrome browser, addressing multiple vulnerabilities that could potentially compromise user safety.
The latest update, version 131.0.6778.85/.86 for Windows and Mac, and 131.0.6778.85 for Linux, is set to be distributed gradually over the coming days and weeks.
The update includes three significant security fixes, with one particularly noteworthy vulnerability:-
Google’s commitment to browser security extends beyond reactive fixes. The company employs a range of advanced techniques to detect and prevent security issues:
These tools help identify potential vulnerabilities before they can be exploited in the wild.
Update Rollout and User Protection
Google is taking a cautious approach to the update rollout:-
Google has expressed gratitude to all security researchers who collaborated during the development cycle to prevent security bugs from reaching the stable channel.
This ongoing partnership between Google and the security research community plays a crucial role in maintaining Chrome’s security posture.
While Google is rolling out the update automatically, users are advised to:-
#Cyber_Security #Cyber_Security_News #Security_Updates #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Chrome Security Update, Fix For Multiple Vulnerabilities
Author: Tushar Subhra DuttaGoogle has rolled out a crucial security update for its Chrome browser, addressing multiple vulnerabilities that could potentially compromise user safety.
The latest update, version 131.0.6778.85/.86 for Windows and Mac, and 131.0.6778.85 for Linux, is set to be distributed gradually over the coming days and weeks.
The update includes three significant security fixes, with one particularly noteworthy vulnerability:-
- High-Severity Vulnerability : A type confusion issue in V8, Chrome’s JavaScript engine, has been identified and patched. This vulnerability, labeled CVE-2024-11395, was reported anonymously on November 5, 2024. Google has awarded an $8,000 bounty for this critical discovery.
- Internal Security Enhancements : Google’s internal security team has implemented various fixes resulting from audits, fuzzing, and other security initiatives.
Google’s commitment to browser security extends beyond reactive fixes. The company employs a range of advanced techniques to detect and prevent security issues:
- AddressSanitizer
- MemorySanitizer
- UndefinedBehaviorSanitizer
- Control Flow Integrity
- libFuzzer
- AFL (American Fuzzy Lop)
These tools help identify potential vulnerabilities before they can be exploited in the wild.
Update Rollout and User Protection
Google is taking a cautious approach to the update rollout:-
- The company may restrict access to bug details and links until a majority of users have received the update.
- Restrictions may remain in place if the bug affects third-party libraries used by other projects that have not yet implemented fixes.
Google has expressed gratitude to all security researchers who collaborated during the development cycle to prevent security bugs from reaching the stable channel.
This ongoing partnership between Google and the security research community plays a crucial role in maintaining Chrome’s security posture.
While Google is rolling out the update automatically, users are advised to:-
- Check their current Chrome version
- Manually update if necessary
- Ensure automatic updates are enabled for future security patches
#Cyber_Security #Cyber_Security_News #Security_Updates #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
