New Google Chrome update fixes 3 high-severity vulnerabilities
With nearly 3.5 billion users, Google’s Chrome web browser dominates in terms of popularity. Unfortunately, this also makes it a big target for hackers looking to take advantage of security vulnerabilities. The third emergency security update for the browser has now dropped in as many weeks, and users on all platforms except iOS are being urged to ensure it is installed and activated as soon as possible. Here’s what you need to know.
The three highly rated vulnerabilities were fixed in Chrome 129.0.6668.89/.90 and 129.0.6668.81
Confirmed security vulnerabilities for Google Chrome keep popping up, and that’s not a bad thing. After all, it’s much better for good hackers to find and report these issues before criminal hackers can exploit them for malicious profit. However, it is obviously worrying when so many high-severity vulnerabilities are revealed in such a short period of time: a total of eight such security flaws have been confirmed in the last three weeks alone.
A stable Goggle channel post update for desktop users of the Chrome web browser running on Windows, Linux, and macOS, along with another for those using Android platformannounced the release of Chrome browser version 129.0.6668.89/.90 for Windows and Mac, 129.0.6668.89 for Linux and 129.0.6668.81 for Android users.
The three newly confirmed vulnerabilities, all with this high severity rating, mean you should try to update your browser as soon as possible in order to stay protected from these emerging threats. As is standard practice, the update will begin rolling out in the coming days, and the exact details of the vulnerabilities identified will not be made public until most Chrome browser users have had a chance to update and protect themselves. The security issues addressed in this latest Chrome browser update, along with what we know so far, are as follows:
- CVE-2024-7025 is an integer overflow vulnerability in Chrome’s Layout function.
- CVE-2024-9369 is an insufficient data validation in the Mojo communications system.
- CVE-2024-9370 is an improper implementation in the V8 JavaScript engine.
Update your Chrome browser now—See how to make sure you’re protected
Although Chrome will update automatically in most use cases, it can take anywhere from a few days to a week or two to roll out. Given the nature of the security issues revealed, users are advised to manually start the process as soon as possible, especially if you rarely close your browser tabs. You can do this by going to Help|About in the menu. If the update is available, the download will start automatically.
Start updating Chrome now
This alone will not protect you from attackers. It is vital that you not only download and install the Chrome browser update, but also close all your tabs and restart the app to activate it.
Restart your browser to activate the update
