Chrome Security Update: 15 Critical Vulnerabilities Fixed, Over $60,000 Rewarded
Google has printed a security change for Chrome, updating the Stable channel for Mac and Linux to 115.0.5790.170 and 115.0.5790.170/.171 for Home windows. The free up of this toughen will happen over the impending days/weeks.
This change presents 17 safety fixes, including fixes found by external researchers.
High-Severity Vulnerabilities Patched
Confusion in V8 misfortune CVE-2023-4068 and CVE-2023-4070 are the ‘high’ severity flaws which were mounted. It became once reported by external researcher Jerry, who also obtained $23,000 and $20,000, respectively, as worm bounty from Google.
Kind Confusion in V8, CVE-2023-4069, with a ‘high’ severity differ, has been reported by Man Yue Mo of GitHub Safety Lab and obtained $21,000 as a worm bounty.
Heap buffer overflow in the Visuals misfortune tracked as CVE-2023-4071 with a ‘high’ severity differ became once reported by external researchers Guang and Weipeng Jiang and obtained $17,000 as a worm bounty.
Out-of-bounds be taught and write in WebGL tracked as CVE-2023-4072 with a ‘high’ severity differ has been reported by Apple Safety Engineering and Structure (SEAR) and obtained $15,000 as a worm bounty.
Out-of-bounds reminiscence rep admission to in ANGLE tracked as CVE-2023-4073 with a ‘high’ severity became once reported by Jaehun Jeong(@n3sk) of Theori and obtained $10000 as a worm bounty.
Utilize after free in Blink Task Scheduling misfortune tracked as CVE-2023-4074 with a ‘high’ severity differ became once reported by Unkown obtained a worm bounty of $8000.
Utilize after free in Cast, tracked as CVE-2023-4075 with a ‘high’ severity differ, has been reported by Cassidy Kim(@cassidy6564) and obtained a worm bounty of $5000 from Google.
Utilize after free in WebRTC tracked as CVE-2023-4076 with a ‘high’ severity became once reported by Natalie Silvanovich of Google Mission Zero.
Medium-Severity Vulnerabilities Patched
Insufficient facts validation in Extensions tracked as CVE-2023-4077 became once reported by an Nameless particular person and Google paid a bounty of[$3000[00
Rotten implementation in Extensions tracked as CVE-2023-4078, reported by an Nameless particular person and obtained a worm bounty of $1000.
Hence, upgrading to 115.0.5790.170 for Mac and Linux users and 115.0.5790.170/.171 for Home windows is told.
Right here’s a Book on The suitable strategy to Change Google Chrome
- In your pc, originate Chrome.
- At the head authorized, click on More.
- Click Aid about Google Chrome.
- Click Change Google Chrome. Well-known: Whereas you are going to be in a space to’t get this button, you’re on the most recent model.
- Click Relaunch.
Source credit : cybersecuritynews.com