With nearly 3.5 billion users, Google’s Chrome web browser rules the roost when it comes to popularity. Unfortunately, that also makes it a big target for hackers looking to profit from security vulnerabilities. The third urgent security update for the browser has now dropped in as many weeks, and users across all platforms apart from iOS are urged to ensure it is installed and activated as soon as possible. Here’s what you need to know.
The Three High-Rated Vulnerabilities Patched In Chrome 129.0.6668.89/.90 And 129.0.6668.81
The confirmed security vulnerabilities for Google Chrome just keep rolling in, and that’s not an altogether bad thing. After all, it’s far better that the good hackers find and report these issues before the criminal hackers can exploit them for nefarious gain. However, it is obviously of concern when quite so many high-severity vulnerabilities are uncovered in such a short period of time: a total of eight such security flaws have been confirmed in just the last three weeks.
A Goggle stable channel update posting for desktop users of the Chrome web browser running on Windows, Linux and macOS, along with another for those on the Android platform, has announced the release of Chrome browser version 129.0.6668.89/.90 for Windows and Mac, 129.0.6668.89 for Linux and 129.0.6668.81 for Android users.
The three newly confirmed vulnerabilities, all with that high-severity rating, mean that you should be looking to update your browser as soon as possible in order to stay protected from these emerging threats. As is established practice, the update will start rolling out in the coming days, and the precise details of the vulnerabilities that have been found will not be released to the public until a majority of Chrome browser users have had the chance to update and protect themselves. The security issues that have been addressed in this latest Chrome browser update, along with the information that we know so far, are as follows:
- CVE-2024-7025 is an integer overflow vulnerability in Chrome’s Layout function.
- CVE-2024-9369 is an insufficient data validation in the Mojo communications system.
- CVE-2024-9370 is an inappropriate implementation in the V8 JavaScript engine.
Update Your Chrome Browser Now—Here’s How To Ensure You Are Protected
Although Chrome will update automatically in most use cases, this can take anything from a few days to a week or two to roll out. Given the nature of the security issues uncovered, users are advised to manually kickstart the process as soon as possible, especially if you rarely close your browser tabs. You can do this by heading to the Help|About option in the menu. If the update is available, it will automatically start downloading.
This in itself will not protect you from attackers. It is vital that you not only download and install the update for the Chrome browser, but also close all your tabs and relaunch the application to activate it.
Read the full article here