What is the latest stable version of Chrome announced by the Chrome team?

The latest stable version of Chrome announced by the Chrome team is version 126, available as 126.0.6478.54 for Linux and 126.0.6478.56/57 for Windows and Mac.

How many security fixes are included in Chrome version 126?

Chrome version 126 includes 17 security fixes.

What is the most critical vulnerability addressed in Chrome version 126?

One of the most critical vulnerabilities addressed is CVE-2024-5830 (CVSS Score 8.8), a Type Confusion in V8 that allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page.

Can you list some of the vulnerabilities addressed in Chrome version 126?

Some of the vulnerabilities addressed in Chrome version 126 include: 1. CVE-2024-5830 (CVSS Score 8.8): Type Confusion in V8 2. CVE-2024-5831 (CVSS Score 8.8): Use after free in Dawn 3. CVE-2024-5832 (CVSS Score 8.8): Use after free in Dawn 4. CVE-2024-5833 (CVSS Score 8.8): Type Confusion in V8 5. CVE-2024-5834 (CVSS Score 8.8): Inappropriate implementation in Dawn 6. CVE-2024-5835 (CVSS Score 8.8): Heap buffer overflow in Tab Groups 7. CVE-2024-5836 (CVSS Score 8.8): Inappropriate Implementation in DevTools 8. CVE-2024-5837 (CVSS Score 8.8): Type Confusion in V8 9. CVE-2024-5838 (CVSS Score 8.8): Type Confusion in V8 10. CVE-2024-5839 (CVSS Score 8.8): Inappropriate Implementation in Memory Allocator 11. CVE-2024-5840 (CVSS Score 8.1): Policy bypass in CORS 12. CVE-2024-5841 (CVSS Score 8.8): Use after free in V8 13. CVE-2024-5842 (CVSS Score 8.1): Use after free in Browser UI 14. CVE-2024-5843 (CVSS Score 8.8): Inappropriate implementation in Downloads 15. CVE-2024-5844 (CVSS Score 8.8): Heap buffer overflow in Tab Strip 16. CVE-2024-5845 (CVSS Score 8.8): Use after free in Audio 17. CVE-2024-5846 (CVSS Score 8.8): Use after free in PDFium

Why is it important to update to the latest version of Chrome?

It is important to update to the latest version of Chrome to ensure protection from the identified vulnerabilities, which could allow remote attackers to execute arbitrary code, exploit heap corruption, perform out-of-bounds memory access, and other malicious activities.

Advisory

Google releases Chrome 126 patching multiple high severity flaws

published: June 12, 2024

Take action: Finally an update without a critical actively exploited vulnerability. Still wise to update your Chrome, Edge, Opera, Brave. This time in a more relaxed approach.

Learn More

The Chrome team is delighted to announce the promotion of Chrome 126 to the stable channel for Windows, Mac, and Linux. This update, available as version 126.0.6478.54 for Linux and 126.0.6478.56/57 for Windows and Mac, includes various improvements and 17 security fixes.

Below is a detailed overview of the vulnerabilities addressed:

CVE-2024-5830 (CVSS Score 8.8): Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
CVE-2024-5831 (CVSS Score 8.8): Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2024-5832 (CVSS Score 8.8): Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2024-5833 (CVSS Score 8.8): Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2024-5834 (CVSS Score 8.8): Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2024-5835 (CVSS Score 8.8): Heap buffer overflow in Tab Groups in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page.
CVE-2024-5836 (CVSS Score 8.8): Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
CVE-2024-5837 (CVSS Score 8.8): Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2024-5838 (CVSS Score 8.8): Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
CVE-2024-5839 (CVSS Score 8.8): Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2024-5840 (CVSS Score 8.1): Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page.
CVE-2024-5841 (CVSS Score 8.8): Use after free in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2024-5842 (CVSS Score 8.1): Use after free in Browser UI in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform an out of bounds memory read via a crafted HTML page.
CVE-2024-5843 (CVSS Score 8.8): Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI via a malicious file.
CVE-2024-5844 (CVSS Score 8.8): Heap buffer overflow in Tab Strip in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2024-5845 (CVSS Score 8.8): Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2024-5846 (CVSS Score 8.8): Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2024-5847 (CVSS Score 8.8 ): Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Users are encouraged to update to the latest Chrome version to ensure they are protected from these vulnerabilities.

Google releases Chrome 126 patching multiple high severity flaws

Read More
Microsoft October 2025 patch tuesday fixes 172 flaws …
Limit your trust in Social media apps - …
Microsoft patch release for November 2023, fixes 5 …
State of (in)security - Week 38, 2024
Trust Wallet browser extension breached, $7 Million stolen …