Google patches four severe security flaws within the Chrome browser
Google has released an update for the Chrome browser to address four critically rated security vulnerabilities. The update is available for Windows, macOS, Android, and iOS users.
One of the vulnerabilities is a Type Confusion in the V8 JavaScript engine. This error can lead to logical errors and data type issues, providing an opportunity for attackers to exploit the system. Google recommends updating Chrome to version 140.0.7339.185/.186 for Windows and macOS, 140.0.7339.155 for Android, and 141.0.7390.26 for iPhone or iPad.
Another vulnerability involves a heap buffer overflow in the Angle component. This issue allows the injection of malicious code, putting the computer at risk. The security vulnerability discovered in the Angle component involved one of these critical issues actively exploited.
Additionally, two other security holes could cause a 'Use after free' in the Dawn or WebRTC component. A 'Use after free' error allows an attacker to access already freed memory, potentially injecting their own code. This could compromise personal data or even gain full system control.
Chromium-based browsers like Microsoft Edge will also receive the update soon. Linux users should update to version 140.0.7339.185.
Attackers could exploit the Type Confusion error by creating a tailored HTML page that triggers a heap corruption. This could potentially allow them to take control of the user's computer.
The updated Chrome versions can be obtained through the built-in update function in settings, the ComputerBase download area for desktop users, or the Play Store/App Store for Android/iOS users.
In other news, the CB-Funk Podcast #136 discusses FSR 4 on RDNA 3 and the 'Mouse Revolution' with Jan-Frederik and Fabian. This podcast episode is a fascinating exploration of the latest developments in graphics technology and gaming peripherals.
Stay safe and keep your Chrome browser updated to protect yourself from potential threats.
Read also:
- Mural at blast site in CDMX commemorates Alicia Matías, sacrificing life for granddaughter's safety
- Microsoft's Patch Tuesday essential fixes: 12 critical vulnerabilities alongside a Remote Code Execution flaw in SharePoint
- British intelligence agency MI6 establishes a covert dark web platform named 'Silent Courier' in Istanbul for the purpose of identifying and enlisting secret agents.
- Russia intends to manufacture approximately 79,000 Shahed drones by the year 2025, according to Ukraine's intelligence.
