Google Chrome Security Update – Multiple High-severity vulnerabilities patched. Google Chrome is one of the most popular web browsers, with over 3.2 billion users worldwide.
Google has been working out on every nook and corner to make it as secure as possible.
As another step towards security, Chrome has released the 114.0.5798.198/199 version for Windows along with 114.0.5735.198 for Mac and Linux update that has fixed multiple high-severity vulnerabilities from external as well as internal security researchers.
[1452137] CVE-2023-3420: Type Confusion V8
Reward: $20,000 – Man Yue Mo of GitHub Security Lab
An attacker can exploit heap corruption via a crafted HTML page in Type Confusion in V8 Google Chrome versions before 114.0.5735.198.
Reward: $10,000 – Piotr Bania of Cisco Talos
An attacker can exploit heap corruption via a crafted HTML page as there is a use-after-free in Media (the pointer does not clear after freeing memory allocation).
[1450397] CVE-2023-3422: Use after free in Guest View
Reward: $5000 – asnine
An attacker can convince a user to install a malicious extension and potentially exploit heap corruption via a crafted HTML page as there is a use-after-free in Guest View (the pointer does not clear after freeing memory allocation).
[1458017] As part of Internal security research, Google has been working on its fixes from internal audits, fuzzing, and other security initiatives inside the company.
Google also mentioned that access to these bugs’ details would be restricted unless most users have updated their Chrome versions.
Users are recommended to update to the latest versions of Chrome to patch these bugs.
To update Google Chrome:
- To begin, launch Chrome on your computer.
- Click on “More,” located in the upper right corner.
- To access information about Google Chrome, please click on “Help” and select “About Google Chrome.”
- Please click on the “Update Google Chrome” button. Note that if you are unable to locate this button, it indicates that you already have the latest version installed.
- Please relaunch Chrome again.
Source: https://cybersecuritynews.com/google-chrome-security-update/