April 25, 2024

Google releases Chrome stable channel version with patches for 20 vulnerabilities.

Out of 20, five are rated ‘high’ severity, eight are ‘medium’ severity, and three are ‘low’ severity.

In Chrome, use-after-free flaws can often be exploited for sandbox escapes, and Google this month announced improved protections against the exploitation of these security holes.

Advertisements

Of the five high-severity issues that Chrome 106 resolves, four are use-after-free vulnerabilities impacting three browser components, namely CSS, Survey, and Media. The fifth is an insufficient validation of untrusted input in Developer Tools.

This version also resolves three medium-severity use-after-free vulnerabilities, which impact three other Chrome components: Assistant, Import, and Logging.

The browser update also resolves medium-severity insufficient policy enforcement in Developer Tools and Custom Tabs, insufficient validation of untrusted input in VPN, incorrect security UI in Full Screen, and a type confusion in Blink.

The latest Chrome iteration is now rolling out to macOS and Linux as version 106.0.5249.61, and arrives on Windows computers as versions 106.0.5249.61/62.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

Google Fixes Critical Vulnerability in Chrome -CVE-2024-4058

April 24, 2024

Red Ransomware Victimized Targus

April 23, 2024

Oracle Virtual Box Vulnerability PoC Released – CVE-2024-21111

April 22, 2024

CrushFTP Zeroday Vulnerability Exploited in Wild attack

April 21, 2024

TheCyberThrone Security Week In Review – April 20, 2024

April 21, 2024

MITRE Breached Exploiting Ivanti Zeroday

April 20, 2024

Discover more from TheCyberThrone

Subscribe now to keep reading and get access to the full archive.

Continue reading