КућаСајбер БалканChrome Security Update: Patching 4 High-Severity Vulnerabilities

Chrome Security Update: Patching 4 High-Severity Vulnerabilities

Објављено на

spot_img

In a recent update, Google has addressed four high-severity vulnerabilities in the Chrome browser. The latest version, 114.0.5735.198 for Mac and Linux, and 114.0.5735.198/199 for Windows, brings fixes for these security issues. Users can expect the update to roll out gradually over the next few days and weeks.

One of the high-severity vulnerabilities, known as CVE-2023-3420, was reported by Man Yue Mo of the GitHub Security Lab. This bug, labeled as “Confusion in V8 issue,” allowed an external researcher to identify a potential security threat. As a result, Mo was awarded a $20,000 bug bounty from Google for helping to uncover this vulnerability.

Another high-severity vulnerability, identified as CVE-2023-3421, allows for free media usage and was reported by Piotr Bania of Cisco Talos. Bania received a $10,000 bug reward from Google for his contribution in discovering this flaw.

The third high-severity vulnerability, CVE-2023-3422, was discovered by an individual named Asnine and allows for free usage in guest view. This vulnerability received a bug reward of $5,000 from Google.

Google highlighted the tools and techniques used to discover these vulnerabilities, including libFuzzer, AFL, Control Flow Integrity, AddressSanitizer, MemorySanitizer, and UndefinedBehaviorSanitizer. These tools play a crucial role in identifying and resolving security flaws within the Chrome browser.

The release notification from Google mentioned that the stable and extended stable channels have been updated to version 114.0.5735.198 for Mac and Linux, and version 114.0.5735.198/199 for Windows. This update will be gradually rolled out to users in the upcoming days and weeks.

It is important to note that Google Chrome offers several different release channels to cater to the diverse needs of its users. These channels range from the daily Canary channel builds, which are highly experimental and unstable, to the stable channel releases that occur approximately every six weeks.

While it is possible to run multiple channels concurrently, it is advised to create a backup of your profile, including bookmarks, frequently viewed pages, history, and cookies, before switching to a different channel. This precaution ensures that your updated profile data remains compatible with the earlier version in case you decide to switch back to a more stable channel.

Overall, the recent Chrome security update provides users with the necessary fixes for four high-severity vulnerabilities. By addressing these issues promptly, Google ensures the continued security and protection of its users while browsing the internet. It is recommended that all Chrome users update to the latest version to benefit from these security enhancements.

Извор линк

Најновији чланци

Weekly Update 424 from www.troyhunt.com

CISO2CISO.COM publishes weekly updates on cyber security trends and news, providing valuable insights and...

Protecting against supply chain cyber risk through automation

The need for enhanced cybersecurity measures to protect supply chains from sophisticated cyberattacks has...

Institutions Need to Step Up Efforts in Managing Cybersecurity Risks

In recent news reported by The New York Times on Oct 29th, it was...

EMERALDWHALE steals over 15,000 cloud credentials and stores data in S3 bucket

Recently, a global cyber operation known as EMERALDWHALE has come to light, revealing a...

Више овако

Weekly Update 424 from www.troyhunt.com

CISO2CISO.COM publishes weekly updates on cyber security trends and news, providing valuable insights and...

Protecting against supply chain cyber risk through automation

The need for enhanced cybersecurity measures to protect supply chains from sophisticated cyberattacks has...

Institutions Need to Step Up Efforts in Managing Cybersecurity Risks

In recent news reported by The New York Times on Oct 29th, it was...
sr_RSSerbian