Chrome 126 Released With Patch For 21 Security Flaws

The Chrome team has released Chrome 126 to the Windows, Mac, and Linux stable channels. This substitute, which is in a dwelling to roll out over the impending days and weeks, entails many fixes and enhancements, focusing on safety.

Key Security Fixes

Chrome 126 addresses 21 safety vulnerabilities, many of which get been reported by external researchers. Some of the indispensable fixes encompass:

• CVE-2024-5830: Kind Confusion in V8, reported by Man Yue Mo of GitHub Security Lab, with a reward of $25,000.
• CVE-2024-5831: Use after free in Morning time, reported by wgslfuzz, with a reward of $10,000.
• CVE-2024-5832: One other Use after free in Morning time, also reported by wgslfuzz, with a reward of $10,000.
• CVE-2024-5833: Kind Confusion in V8, reported by @ginggilBesel, with a reward of $7,000.
• CVE-2024-5834: Corrupt implementation in Morning time, reported by gelatin dessert, with a reward of $5,000.
• CVE-2024-5835: Heap buffer overflow in Tab Groups, reported by Weipeng Jiang (@Krace) of VRI, with a reward of $3,000.

Other vulnerabilities addressed encompass diversified exercise-after-free disorders, heap buffer overflows, and depraved implementations all over diversified browser parts.

Original Parts and Enhancements

As well to to safety fixes, Chrome 126 introduces several unusual good points and enhancements:

• Defective-doc discover transitions: This selection lets in for refined transitions between diversified paperwork of the an identical origin, making improvements to the individual abilities with out requiring a single-web page utility architecture.
• Out-of-process iframe (OOPIF) PDF viewer: This unusual architecture simplifies adding unusual good points to the PDF viewer and improves performance.
• Reminiscence Saver aggressiveness: Administrators can now configure how aggressively the Reminiscence Saver feature deactivates unused tabs to release memory.
• Reactive prefetch on Desktop: This selection speeds up navigation by prefetching subresources someday of navigation per predictions from a Google-owned carrier.

Endeavor and Developer Updates

For undertaking customers and builders, Chrome 126 entails several updates:

• App-traipse encryption for cookies: Enhances cookie safety by binding the encryption key to Chrome’s utility identification, conserving against malware that will possibly perhaps rob cookies.
• Chrome extension telemetry integration with Story: Collects and analyzes extension telemetry files to procure insights on volatile actions.
• Net page-Embedded Permission Defend a watch on: Introduces a brand unusual HTML aspect to toughen the individual abilities of permission prompts.

The free up of Chrome 126 underscores Google’s dedication to safety and performance. Users are inspired to substitute their browsers promptly to get the profit of the most up-to-date fixes and enhancements.