Advisory

Google releases Chrome security update, patches two high severity flaws

Take action: Time to update your Chrome and Chromium-based browsers (Brave, Opera, Edge). This is not a panic-mode patch, but don't delay: the update is trivial and all your tabs come back.



Google has released a security update for the Chrome browser, bringing it to version 129.0.6668.100/.101 for Windows and Mac, and 129.0.6668.100 for Linux.

This update addresses three security vulnerabilities, with two high-severity type confusion flaws in the V8 JavaScript engine being the most critical. These flaws could potentially allow attackers to execute arbitrary code on affected systems.

Vulnerability Details

  • CVE-2024-9602 (CVSS score 8.8) - type confusion within V8. This type of vulnerability occurs when a resource is accessed using an incompatible type, leading to memory corruption and possible code execution.
  • CVE-2024-9603 (CVSS score 8.8) - type confusion in V8.

These type confusion issues are rated as high severity because they can compromise system integrity, enabling attackers to run code remotely. As a precaution, Google has restricted access to technical details until a majority of users have updated, to prevent potential exploitation.

Users are advised to update to the latest version immediately by navigating to Help > About Google Chrome in their browser settings.

The update also includes various fixes identified through internal audits, fuzzing, and other techniques, such as AddressSanitizer and MemorySanitizer.
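
One way to check collected version strings against the fixed build named above, as an added example that is not part of the original advisory. The host names and version strings are constructed and the function names are hypothetical; it covers Google Chrome's own version numbers only, not the separate numbering of other Chromium-based browsers.

```python
import re

# Lowest fixed build named in the advisory (Windows, Mac and Linux).
FIXED_BUILD = (129, 0, 6668, 100)

# Chrome versions are four dot-separated integers: MAJOR.MINOR.BUILD.PATCH.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return the first four-part version found in text as an int tuple, or None."""
    match = _VERSION_RE.search(text)
    return tuple(int(part) for part in match.groups()) if match else None


def classify(version_output):
    """Classify one `--version` style string against the fixed build."""
    version = parse_version(version_output)
    if version is None:
        return "unknown"  # no parsable version: investigate by hand
    # Tuple comparison is numeric per component, so .99 < .100 as intended;
    # a plain string comparison would wrongly rank "6668.99" above "6668.100".
    return "patched" if version >= FIXED_BUILD else "vulnerable"


def audit(inventory):
    """Map each host in (host, version_output) pairs to its classification."""
    return {host: classify(output) for host, output in inventory}


# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE_INVENTORY = [
    ("ws-01", "Google Chrome 129.0.6668.100"),
    ("ws-02", "Google Chrome 129.0.6668.101"),
    ("ws-03", "Google Chrome 129.0.6668.99"),
    ("ws-04", "Google Chrome 128.0.6613.84"),
    ("ws-05", ""),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" returned no parsable version and need a manual look rather than being counted as patched.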
