The Google Chrome team has been working to fix some significant security issues in the latest version, Chrome 128. This is after four zero-day severe vulnerabilities were found.
Details of the New Vulnerabilities
External researchers found four high-severity zero-day vulnerabilities in the Chromium codebase. The Chrome team fixed them quickly. Two of the vulnerabilities, CVE-2024-8198 and CVE-2024-8193, are in the Skia graphics library, which Chrome and other Chromium-based browsers use for rendering.
V8 Engine and Security Patches
The other two vulnerabilities, CVE-2024-7969 and CVE-2024-8194, are in the Chrome V8 engine, which runs JavaScript in the browser. Limited information about the exploits to prevent abuse was provided before most users got the update. According to Google, details and links to these vulnerabilities will be restricted until the update is rolled out to more users.
Updating to the Latest Chrome Version
The latest security patches are part of the new Chromium release 128, which is rolling out to users now. You can check if you have the newest version by going to the ‘About’ page in Chrome settings. The new versions for Windows and Mac should read 28.0.6613.113/114 and 128.0.6613.113 for Linux. If you have an older version, Chrome should download the latest one and prompt you to ‘relaunch’ to install. Also Learn about Ubuntu will shortly be prompted to upgrade to Ubuntu 24.04 version.
Impact on Other Chromium-based Browsers
Other browsers that use the Chromium engine, like Brave, Microsoft Edge, Opera, DuckDuckGo, and Vivaldi, have yet to receive these patches. As of the latest reports, Microsoft’sdge is 128.0.2739.42, and Brave is 128.0.6613.85. They should get these patches soon to keep users safe.
Good job, Google! But remember to update your browser.
Source:Google Chrome