Google has announced a significant security update for its Chrome browser, addressing 17 vulnerabilities in the latest build.
The update, which affects the Stable and Extended Stable channels, will roll out over the coming days and weeks for Windows, Mac, and Linux users.
The Stable channel has been updated to versions 130.0.6723.58/.59 for Windows and Mac and 130.0.6723.58 for Linux.
Meanwhile, the Extended Stable channel has been updated to version 130.0.6723.59 for Windows and Mac. These updates are part of Google’s ongoing efforts to enhance browser security and protect users from threats.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
In this update, Google has patched 17 security vulnerabilities, with several fixes contributed by external researchers.
The company has awarded $66,000 in rewards to those who reported these issues. The table below summarizes the key vulnerabilities patched:
| Severity | CVE ID | Description | Reward |
| High | CVE-2024-9954 | Use after free in AI | $36,000 |
| Medium | CVE-2024-9955 | Use after free in Web Authentication | $6,000 |
| Medium | CVE-2024-9956 | Inappropriate implementation in Web Auth | $6,000 |
| Medium | CVE-2024-9957 | Use after free in UI | $5,000 |
| Medium | CVE-2024-9958 | Inappropriate implementation in PictureInPicture | $5,000 |
| Medium | CVE-2024-9959 | Use after free in DevTools | $4,000 |
| Medium | CVE-2024-9960 | Use after free in Dawn | $2,000 |
| Medium | CVE-2024-9961 | Use after free in Parcel Tracking | $2,000 |
| Medium | CVE-2024-9962 | Inappropriate implementation in Permissions | $1,000 |
| Medium | CVE-2024-9963 | Insufficient data validation in Downloads | TBD |
| Low | CVE-2024-9964 | Inappropriate implementation in Payments | $3,000 |
| Low | CVE-2024-9965 | Insufficient data validation in DevTools | $1,000 |
| Low | CVE-2024-9966 | Inappropriate implementation in Navigations | $1,000 |
Google continues to emphasize its commitment to security through internal audits and collaborations with external researchers.
The company utilizes tools such as AddressSanitizer and MemorySanitizer to detect vulnerabilities proactively.
Access to detailed bug information remains restricted until most users have applied the update to ensure comprehensive protection.
How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide(PDF)
Best DNS Management Tools play a crucial role in efficiently managing domain names and their…
Customers can now easily integrate Sweet’s runtime detection and response platform into their AWS environments…
Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling them…
SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases from…
In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting abuse…
The Metasploit Framework, a widely used open-source penetration testing tool maintained by Rapid7, has introduced…