Google is rolling out a security update with fixes for three vulnerabilities recently disclosed by security researchers, following a series of similar updates meant to address zero-day flaws disclosed at the Pwn2Own hacking contest.
Google has been releasing a steady stream of security updates for Chrome users since the disclosure of several critical vulnerabilities at Pwn2Own Vancouver 2024.
The latest such release comes in the form of Chrome 123.0.6312.122/.123 for Windows, and Chrome 123.0.6312.122/.123/.124 for Mac and 123.0.6312.122 Linux, “which will roll out over the coming days/weeks,” according to the official Chrome Releases blog.
The flaws addressed in this release, tracked as CVE-2024-3157, CVE-2024-3516 and CVE-2024-3515, are considered serious vulnerabilities that could give a motivated attacker leeway to compromise a target device running an older (unpatched) version of Chrome.
While neither bug is known to be exploited in the wild – at least not to Google – the web giant signals the importance of patching by rating them as “high” on the scale of severity.
Unlike most Chrome updates, this release squarely targets the desktop userbase – i.e. no adjacent updates will be available to Android or iOS users running Chrome on their smartphones or tablets. Which is good news. Threat actors have been known to exploit Chrome weaknesses to infect unpatched devices with spyware.
As always, Bitdefender recommends netizens keep their software updated at all times, especially when it comes to widely-used products like Chrome – the world’s most popular web surfing app.
For peace of mind, consider running a dedicated security solution on all your personal devices, including on your phone.