Google has released updates to address two vulnerabilities in the Chrome browser that could potentially allow attackers to take control of users’ systems.
The vulnerabilities, identified as CVE-2024-10487 and CVE-2024-10488, affect Chrome across Windows, Mac, and Linux platforms
The critical vulnerability, CVE-2024-10487, is an out-of-bounds write vulnerability in the Dawn graphics library. This flaw can allow attackers to corrupt memory and potentially execute malicious code on the user’s device.
The high-severity vulnerability, CVE-2024-10488, is a use-after-free vulnerability in WebRTC, the technology powering real-time communication in Chrome. This vulnerability could enable attackers to exploit a freed memory space, leading to crashes or, in more severe cases, arbitrary code execution.
Google has rolled out updates to versions 130.0.6723.91/.92 for Windows and Mac, and 130.0.6723.91 for Linux. The Extended Stable channel has also been updated to 130.0.6723.92 for Windows and Mac. Users are urged to update their Chrome browsers as soon as possible to mitigate these security risks,
