security

Google Patched Four Security Flaws With Chrome Browser 114 Update – Cyber Security News


The tech giant Google recently released a major security update for its Chrome browser. With Chrome 114, Google patched four different security vulnerabilities affecting various components of the Chrome browser.

Google Chrome 114 Security Update Arrives

The recent Google Chrome 114 browser update brought numerous security fixes with it. Specifically, the firm addressed four different issues affecting the browser’s security.

As elaborated in Google’s Chrome release blog, three of the four vulnerabilities achieved a high-severity rating. They even made the researchers win huge bounties for reporting the flaws.

The first of these is CVE-2023-3420 – a type confusion vulnerability in Chrome’s V8 component. Google acknowledged the researcher Man Yue Mo of GitHub Security Lab, who reported the vulnerability to Google in early June. Moreover, the firm also rewarded the researcher with a $20,000 bug bounty.

The second vulnerability patched with this Chrome release includes CVE-2023-3421 – a use-after-free flaw in Media. Google rewarded the researcher Piotr Bania of Cisco Talos for reporting this vulnerability with a $10,000 bounty.

Next, the post mentions another high-severity use after free flaw in Guest View. This vulnerability (CVE-2023-3422) caught the attention of a researcher with the alias “asnine,” who reported the flaw to Google in early June. The firm appreciated asnine’s work with a $5000 bounty.

Google has not shared the details about the fourth security issue. Besides, the firm didn’t reveal any other details about the three flaws besides stating the CVE IDs and the nature of the bugs. This has been a norm of the firm to avoid sharing details about browser vulnerabilities, giving the users ample time to update their devices and prevent potential exploits.

Readers Also Like:  Judge blocks federal officials from contacting tech companies - Engadget

These security fixes arrive with Google Chrome for desktop version 114.0.5735.198/199 for Windows and version 114.0.5735.198 for Mac and Linux.

In addition, the firm also patched the same vulnerabilities with Chrome for Android version 114.0.5735.196. Thus, Android user should also update their devices with the latest Chrome version to receive the patches.

Let us know your thoughts in the comments.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.