close
close

Patch for multiple vulnerabilities enables RCE

Patch for multiple vulnerabilities enables RCE

Google has announced the release of Chrome 126, an important security update that fixes 10 vulnerabilities, including 8 high severity flaws reported by third-party researchers.

This update is now rolling out to Windows, macOS, and Linux users, with version numbers 126.0.6478.182/183 for Windows and macOS, and 126.0.6478.182 for Linux.

Protect your business emails from spoofing, phishing, and BEC with AI-driven security | Free demo

The security update focuses on resolving several memory-related issues that could potentially lead to sandbox escapes and remote code execution. The vulnerabilities resolved in this release include:

  1. Incorrect implementation in V8 (CVE-2024-6772)
  2. Type confusion in V8 (CVE-2024-6773)
  3. Use-after-free bugs in screen recording (CVE-2024-6774)
  4. Use-after-release in Media Stream (CVE-2024-6775)
  5. Use-after-release in Audio (CVE-2024-6776)
  6. Use-after-release in Navigation (CVE-2024-6777)
  7. Race Condition in DevTools (CVE-2024-6778)
  8. Out-of-bounds memory access in V8 (CVE-2024-6779)

There have been no reports of these vulnerabilities actually being exploited, but users are strongly advised to update their browsers as soon as possible to mitigate any potential risks.

The update process is automatic, but users can manually check for updates by going to Chrome’s Settings and selecting “About Chrome.”

In addition to the desktop version, Google has also released Chrome 126.0.6478.186 for Android, which includes the same security patches as the desktop version.

This update underscores Google’s ongoing efforts to improve Chrome’s security and quickly address potential vulnerabilities.

Users are advised to keep their browsers up to date to ensure they have the latest security measures in place.

To update Chrome, users can go to the browser settings and click on ‘About Chrome’. The browser can then check for updates and install them.

Join our free webinar to learn more about Combating slow DDoS attacksa major threat today.