![]() ![]() I am also a Firefox user due to it’s still required by a few official sites and some goverment sites too to pay taxes and so forth. And I am a Chrome user since 2011 more or less. I can’t remember which was the first Chrome version that I used for the first time, however I remember clearly like the water that Chrome has never give me a single problem updating it, neither using it. I write this comment with no aim to generate discussion nor to start an unusual trolling thread here (lol). The previous update was released on April 15, 2023. The security update is the second update for Chrome 112 that patches a security issue that is exploited in the wild. Expect updates for Edge, Brave and other browsers soon. Users who run other Chromium-based web browsers should pay attention to updates for their browsers, as these are also affected by the security issue. Public information is limited at this point, but Skia refers to a component of Chrome that is responsible for "nearly all graphics operations, including text rendering" according to the Chromium design documents. Security issue CVE-2023-2136 is exploited in the wild, according to Google. Reported by Nan and Guang Gong of 360 Vulnerability Research Institute on Įxternal security researchers get a bug bounty when they report security issues to Google and other browser developers. Medium CVE-2023-2137: Heap buffer overflow in sqlite.Reported by Clément Lecigne of Google's Threat Analysis Group on High CVE-2023-2136: Integer overflow in Skia.High CVE-2023-2135: Use after free in DevTools.High CVE-2023-2134: Out of bounds memory access in Service Worker API.High CVE-2023-2133: Out of bounds memory access in Service Worker API.The five security issues include the issue that is exploited in the wild. Information about security issues that it detected internally are not revealed to the public. Google lists five of the eight security issues that it fixed in the latest Google Chrome update on the official Chrome Releases blog. ![]() Google Chrome for Android: 1.135 or 1.136.Google Chrome for Windows: 1.137 or 1.138. ![]() Once updated, the following versions should be listed on the About Google Chrome page: On Android, updates are handled by Google Play. A restart of the browser is required to complete the process. The browser runs a check for updates when the page is opened to download the latest update that it finds. Users are advised to update as soon as possible to protect their devices from potential attacks that target these vulnerabilities.Ĭhrome desktop users may load chrome://settings/help directly in the address bar, or select Menu > Help > About Google Chrome, to display the installed version. If a new update has come it should show or it will get applied automatically.The update is available for desktop versions of Google Chrome and for Chrome on Android. You can always go to Chrome settings in the browser and check for ‘About Chrome’. Ideally, you should look out for the latest updates for Chrome on whatever platform or OS you are using it on to ensure that your browser is safe and has been patched for these vulnerabilities. Google Chrome version 1.114 fixes all four of the detected vulnerabilities and it will be rolled out over the next few days. This is also being done to ensure that hackers can misuse information about the zero-day flaws to create exploits. Google has withheld some details about the flaws in order to ensure that users can apply the latest update to fix these flaws. Zero-days are vulnerabilities unknown to those who developed the system. According to Google, one of the fixes was for a zero-day vulnerability. Google has fixed multiple severe security loopholes in its latest release of Chrome for Windows, macOS, Linux and Android. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |