Chrome Patches Multi Vulnerabilities in Latest Stable Release

by do son · October 23, 2024

Google has rolled out a crucial update to its Chrome browser, addressing three high-severity security flaws that could be exploited by attackers. The update, versions 130.0.6723.69/.70 for Windows and Mac, and 130.0.6723.69 for Linux, is being progressively released to users over the coming days and weeks.

The vulnerabilities, identified as CVE-2024-10229, CVE-2024-10230, and CVE-2024-10231, were reported by external security researchers and involved issues with browser extensions and the V8 JavaScript engine.

CVE-2024-10229 relates to an “inappropriate implementation in Extensions” and was discovered by Vsevolod Kokorin of Solidlab. This type of vulnerability could potentially allow malicious extensions to gain unauthorized access to user data or system resources.
CVE-2024-10230 and CVE-2024-10231 are both “Type Confusion” vulnerabilities in V8, reported by Seunghyun Lee. These flaws could allow attackers to execute arbitrary code on a user’s system by exploiting how the JavaScript engine handles different data types.

These vulnerabilities pose a significant risk to users, as successful exploitation could lead to data breaches, malware infections, or even complete system compromise. It is crucial to update your Chrome browser to the latest version as soon as possible to mitigate these risks.

Chrome typically updates automatically in the background. However, you can manually check for updates by following these steps:

Open Chrome.
Click the three vertical dots in the top right corner.
Go to “Help” > “About Google Chrome.”
If an update is available, it will begin downloading automatically.
Once the download is complete, click “Relaunch.”

This update also includes changes to the Extended Stable channel for Windows and Mac, which has been updated to version 130.0.6723.70. This channel receives feature updates less frequently but still benefits from important security fixes.