Google Chrome for Desktop has patched multiple vulnerabilities that might have allowed attackers to run arbitrary code on compromised PCs. The Indian Computer Emergency Response Team (CERT-In) determined that these Google Chrome vulnerabilities were of high severity.
The vulnerabilities affected Google Chrome versions before 125.0.6422.141/.142 for Windows and Mac and before 125.0.6422.141 for Linux systems. Identified as CERT-In Vulnerability Note CIVN-2024-0179, these Google Chrome for Desktop vulnerabilities posed a significant risk to users’ security.
Decoding the Google Chrome for Desktop Vulnerabilities
The Google Chrome for Desktop vulnerabilities included Use after free in Media Session, Dawn & Presentation API; Out of bounds memory access in Keyboard; Out of bounds write in Streams API, and Heap buffer overflow in WebRTC. Attackers might take advantage of these flaws by deceiving users into viewing maliciously designed websites.
Google acted promptly to address these issues with a Stable Channel Update rolled out on May 30, 2024. The update, version 125.0.6422.141/.142 for Windows and Mac, and 125.0.6422.141 for Linux, contains fixes for a total of 11 security issues, including those highlighted by external researchers.
According to the security blog, an external security researcher contributed Heap buffer overflow in WebRTC, Use after free in Dawn, Use after free in Media Session, and Out-of-bounds memory access in Keyboard Inputs patches with the updates.Â
The joint endeavor of Google and security researchers was important in recognizing and resolving these vulnerabilities before their widespread use.
Mitigations Against the Google Chrome for Desktop Vulnerability
CERT-In advises users to update their browser to the latest version of Google Chrome. This reduces the possibility of getting targeted by Google Chrome for Desktop vulnerabilities.
Since Google Chrome often provides security updates to address new threats and vulnerabilities, it’s imperative to stay up to speed with software patches.
Apart from the outside aid, Google’s in-house security team also carried out fuzzing, audits, and other proactive measures to find and address vulnerabilities. Google’s dedication to ensuring its users have a safe and secure surfing experience is evident in its all-encompassing strategy.
Users can visit the Chrome Security Page to learn more about the security changes included in the most recent release. It is recommended that users of Google Chrome maintain their browsers updated to be safe from any potential dangers.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.