Google has recently released Chrome 120 for Windows, Mac, and Linux.
This version of Chrome comes with 10 security patches to ensure a safer browsing experience for its users.
The most recent versions of Chrome available to users are 120.0.6099.62 for Linux and macOS and 120.0.6099.62/.63 for Windows.
The most recent version of the Extended Stable channel is 120.0.6099.63 for Windows and 120.0.6099.62 for Mac.
The update will be implemented over the next few days and weeks.
Although ten security flaws are fixed overall, Google only lists the flaws external researchers disclose.
A high-severity issue was identified as CVE-2023-6508, used after free in Media Stream.
This allowed a remote attacker to possibly exploit heap corruption via a crafted HTML page.
Google awarded a $10,000 bounty after Cassidy Kim reported it.
This allowed a remote attacker who enticed a user to perform a specific UI interaction to possibly exploit heap corruption.
Khalil Zhani reported this problem, and a bounty of $1,000 was given.
After [pwn2car] reported this, a $1,000 bounty was given out.
Inappropriate implementation in Autofill is a low-severity bug identified as CVE-2023-6511.
Google awarded a $2000 bounty after Ahmed ElMasry reported this.
A low-severity bug identified as CVE-2023-6512 relates to an inappropriate web browser user interface implementation.
Om Apip reported it, and a $1,000 bounty was given out.
To view the most recent version on desktop devices, users of Google Chrome can navigate to Menu > Help > About Google Chrome or type chrome://settings/help into the address bar.
The browser looks for updates as soon as the website is accessed; it downloads and installs any that it finds.
To finish the update, the browser must be restarted.
Google recommends that users update to the most recent version of Google Chrome to prevent exploiting vulnerabilities.
This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 07 Dec 2023 15:55:08 +0000