Friday, November 22, 2024

Serious New Google Chrome Security Warning For 3 Billion Users

Must read

With so many changes to security and privacy features hitting users of Google products lately, it would be all too easy to miss one or two announcements. However, Google has just confirmed a security update that users of the Chrome browser across all platforms other than iOS need to take very seriously indeed. Here’s what Chrome users running Windows, Linux, macOS and Android need to know.

Google Users Have Been Overwhelmed By Recent Privacy And Security Alerts

Across the last few weeks there have been more privacy and security alerts regarding Google products and services than I can recall at any other time in recent memory. Breaking news about how Google tracks you, how the Play Store protects you from rogue apps, critical new security measures for Gmail accounts, and the ending of ‘less secure’ access for Gmail users have all vied for your attention. However, an announcement by Google that was published on Tuesday July 23 is one that you cannot afford to overlook if you value the security of your data while using the Chrome browser on most any platform.

Forbes280 Million Google Chrome Users Installed Dangerous Extensions, Study Says

Google Chrome Security Update Alert

The Chrome team at Google has confirmed that 24 security vulnerabilities, including five with a concerning high rating, have been found to impact users of the world’s most popular web browser. That’s all for users, regardless of the platform upon which it is running unless you are using an iPhone that is.

The high-rated vulnerabilities have already earned the people who found them a total of $19,000 in rewards from Google, and that’s only for two of them with the remaining three bounty payments still to be determined.

These vulnerabilities are the most serious of the 24 that have been confirmed and are as follows:

  • CVE-2024-6988 is a use after free vulnerability in Downloads.
  • CVE-2024-6989 is another use after free vulnerability but this time in the Loader component.
  • CVE-2024-6991 is, you guessed it, a use after free vulnerability but in the webGPU-mapping Dawn component.
  • CVE-2024-6992 is an out of bounds memory access vulnerability in the graphics-rendering ANGLE component.
  • CVE-2024-6993 is an inappropriate implementation vulnerability in the Canvas drawing app in Chrome.

As is always the case, Google has reserved the right to restrict full access to details of these vulnerabilities until such a time as the majority of users have updated their devices with the fix. This update is now rolling out across all the previously mentioned platforms.

ForbesGmail Users Offered Free Top Tier Security Upgrade-Say Goodbye To 2FA

Update Your Google Chrome Browser Now

Users are advised to ensure that they are running the latest version of the Google Chrome browser so as to have fixes in place for all the newly disclosed vulnerabilities. While such updates will roll out automatically, users are warned that they should check to make sure they have not only received the update but that it is installed and activated correctly. This can vary from platform to platform, but the version numbers you need to be safe are as follows:

  • Windows and macOS users: version 127.0.6533.72/73
  • Linux users, version 127.0.6533.72
  • Android users, version 127.0.6533.64

Latest article