Chrome Flaw Let Attacker Corrupt Memory via Crafted HTML Page

by Esmeralda McKenzie

Google has updated the Stable channel to 121.0.6167.85 for Mac and Linux and 121.0.6167.85/.86 for Windows as part of a security update for Chrome.

There are 17 security fixes in this update. The update will be rolled out over the coming days and weeks.

High-Severity Flaws Addressed

A high-severity issue was identified as CVE-2024-0807, Use after free in WebAudio. This allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Google awarded an $11000 bounty after Huang Xilin of Ant Group Light-Year Security Lab reported it.

The vulnerability identified as Inappropriate implementation in Accessibility (CVE-2024-0812) was determined to have a high severity.

This allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Google announced a $9000 reward and stated that the reporter was anonymous.

CVE-2024-0808, Integer underflow in WebUI, was found to be a high-severity issue. This enabled a remote attacker to potentially exploit heap corruption via a malicious file. Google issued a $6000 bounty; the issue was reported by Lyra Rebane (rebane2001).

Medium and Low-Severity Flaws Addressed

The medium-severity bugs addressed in this update are listed below:

CVE-2024-0810 – Insufficient policy enforcement in DevTools, CVE-2024-0814 – Incorrect security UI in Payments, CVE-2024-0813 – Use after free in Reading Mode.

CVE-2024-0806 – Use after free in Passwords, CVE-2024-0805 – Inappropriate implementation in Downloads, and CVE-2024-0804 – Insufficient policy enforcement in iOS Security UI.

The low-severity bugs addressed in this update are listed below:

CVE-2024-0811 – Inappropriate implementation in Extensions API and CVE-2024-0809 – Inappropriate implementation in Autofill.

Chrome Security Update

  • Mac and Linux (121.0.6167.85)
  • Windows (121.0.6167.85/.86)

Google urged users to update to the latest patched version of Chrome as soon as possible to reduce security risks.

Update Now!

To update the Chrome web browser, follow the few simple steps listed below:

  • Go to the Settings option.
  • Then select About Chrome.
  • Now wait, as Chrome will automatically fetch and download the latest update.
  • Then, wait for the latest version to be installed.
  • Once the installation process is complete, you’ll need to restart Chrome.
  • That’s it. Now you are done.
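For administrators who need to confirm the update across many machines rather than one, the following is an added example (not from the original article) that flags hosts still running a build below the fixed versions listed above. The host names, the inventory format and the sample version strings are constructed assumptions; it also assumes that any build numerically at or above the fixed one contains the fixes.

```python
import re

# Fixed builds as stated in the article; Windows shipped as .85 or .86,
# so .85 is the minimum on every platform.
FIXED = {
    "mac": (121, 0, 6167, 85),
    "linux": (121, 0, 6167, 85),
    "windows": (121, 0, 6167, 85),
}

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Extract a four-part Chrome version from text such as
    'Google Chrome 121.0.6167.85'. Returns a tuple of ints, or None."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None


def is_patched(platform, version_text):
    """True if the version is at or above the fixed build for the platform.
    Unknown platforms and unparseable versions return False so they get reviewed."""
    fixed = FIXED.get(platform.lower())
    version = parse_version(version_text)
    if fixed is None or version is None:
        return False
    # Compare as integer tuples: as strings, "…6167.9" would sort above "…6167.85".
    return version >= fixed


def unpatched_hosts(inventory):
    """Return the (host, platform, version_text) rows that still need the update."""
    return [row for row in inventory if not is_patched(row[1], row[2])]


# Constructed sample inventory (hypothetical host names and version strings).
SAMPLE_INVENTORY = [
    ("ws-001", "windows", "Google Chrome 121.0.6167.86"),
    ("ws-002", "windows", "Google Chrome 120.0.6099.225"),
    ("mac-007", "mac", "Google Chrome 121.0.6167.85"),
    ("lnx-042", "linux", "Google Chrome 121.0.6167.9"),
    ("lnx-043", "linux", "unknown"),
]

if __name__ == "__main__":
    for host, platform, version in unpatched_hosts(SAMPLE_INVENTORY):
        print(f"{host} ({platform}): {version!r} is below the fixed build or unreadable")
```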

Source credit : cybersecuritynews.com
