Upcoming Google Chrome Security Alert: Crucial Information You Shouldn't Ignore
Update, Dec. 20, 2024: This article, initially published on Dec. 19, now includes additional guidance for organizations managing Chrome or Chromium-based browsers.
On the heels of an urgent update to Google's Chrome web browser, another security patch is on the horizon for nearly 3 billion users across various operating systems. The urgency remains the same, but the number of vulnerabilities has risen: Google has confirmed four high-priority flaws, for which the discoverers were awarded a combined $75,000 in bug bounties.
Emergency Google Chrome Security Update for All Users: What You Need to Know
Google has announced a new update for the Chrome browser, set to roll out in the forthcoming weeks. The reason: four major security flaws that have collectively earned the researchers who found them a substantial bug bounty payout.
The four security vulnerabilities confirmed by Google are:
- CVE-2024-12692: A type confusion issue in the Chrome V8 JavaScript rendering engine.
- CVE-2024-12693: An out-of-bounds memory access issue in the Chrome V8 JavaScript rendering engine.
- CVE-2024-12694: A use-after-free issue in the Chrome browser compositing function.
- CVE-2024-12695: An out-of-bounds write issue in the Chrome V8 JavaScript rendering engine.
Prudhvikumar Bommana from Google's Chrome security team stated, "Details of these issues and their related links may be restricted until a majority of users have been updated with a fix." Additionally, Bommana mentioned that restrictions would remain if the vulnerability exists in a third-party library still unaddressed by other projects.
Securely Updating Google Chrome to Protect Against New Threats
The following Chrome versions contain the fixes for these vulnerabilities:
- 131.0.6778.204/.205 for Windows and Mac
- 131.0.6778.204 for Linux
- 131.0.6778.200 for Android
To safeguard against these newly discovered threats, users must update their browsers as soon as possible. Here are the necessary steps:
- Navigate to the Help | About option in your Google Chrome menu to initiate an automatic security update download.
- Restart your Google Chrome browser after the update installation is complete to ensure protection.
- Repeat the first step to confirm that the Google Chrome update has been installed and activated, thus providing full protection against these threats.
Security Guidance for Organizations Running Google Chrome or Chromium-based Browsers
Following the latest Google Chrome security update, which addresses multiple serious, high-severity memory vulnerabilities, Alex Vovk, CEO and co-founder of Action1, an endpoint and patch management company, has offered the following advice for impacted organizations:
- Ensure that all organizational systems using Google Chrome are updated to the latest version—utilize remote management tools to accomplish this.
- Configure your browser settings using group policy or management tools to mandate automatic updates for Chrome across all user endpoints.
- Implement advanced endpoint protection solutions, such as behavioral detection and intrusion prevention systems, to defend against browser vulnerabilities being exploited.
- Conduct regular security assessments and penetration tests that encompass browser-based vulnerabilities.
"Communicate with employees about the significance of keeping software up to date," including the likes of Google Chrome and other web browsers powered by the Chromium engine, Vovk said, "and provide guidance on recognizing update prompts and initiating manual updates when necessary."
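For the first item in the guidance above (confirming that every managed system runs a fixed build), the following is an added example, not code from Google or Action1. It compares reported Chrome versions against the fixed builds listed in this article; the host names and the inventory rows are constructed sample data, and the function names are illustrative.

```python
import re

# Minimum fixed builds per platform, as listed in this article.
FIXED = {
    "windows": (131, 0, 6778, 204),
    "mac": (131, 0, 6778, 204),
    "linux": (131, 0, 6778, 204),
    "android": (131, 0, 6778, 200),
}

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Extract a four-part Chrome version from a bare version string or from
    '--version' style output. Returns a tuple of ints, or None if absent."""
    m = VERSION_RE.search(text or "")
    return tuple(int(p) for p in m.groups()) if m else None

def audit(inventory):
    """Return (host, status) pairs; status is patched, outdated or unknown."""
    results = []
    for host, platform, reported in inventory:
        minimum = FIXED.get(platform.lower())
        version = parse_version(reported)
        if minimum is None or version is None:
            status = "unknown"    # unlisted platform or unparseable report
        elif version >= minimum:  # numeric compare: .81 is older than .200
            status = "patched"
        else:
            status = "outdated"
        results.append((host, status))
    return results

# Constructed sample inventory (not real hosts or real telemetry).
SAMPLE = [
    ("ws-001", "Windows", "131.0.6778.205"),
    ("ws-002", "Windows", "131.0.6778.140"),
    ("mb-014", "Mac", "Google Chrome 131.0.6778.204"),
    ("lx-203", "Linux", "Google Chrome 130.0.6723.116 "),
    ("ph-77", "Android", "131.0.6778.200"),
    ("ph-78", "Android", "131.0.6778.81"),
    ("kiosk-3", "ChromeOS", "131.0.6778.204"),
    ("ws-009", "Windows", "not installed"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE):
        print(f"{host:8} {status}")
```

Versions are compared as integer tuples because a plain string comparison would rank 131.0.6778.81 above 131.0.6778.200. Other Chromium-based browsers use their own version numbers, so this table applies to Chrome only.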
- Due to the recently discovered high-priority flaws in Google Chrome, users are advised to update their browser as soon as the fixed version is available: 131.0.6778.204/.205 on Windows and Mac, 131.0.6778.204 on Linux, and 131.0.6778.200 on Android.
- In the wake of the Google security warning, organizations managing Chrome or Chromium-based browsers should ensure that all systems are updated to the latest version, utilizing remote management tools for efficient implementation.
- To safeguard against the Google Chrome vulnerabilities, Google Chrome users should follow Google's recommendation to navigate to the Help | About option, initiate an automatic security update download, restart their browser, and confirm the update installation.
- For Linux users, Google Chrome version 131.0.6778.204 addresses the identified security flaws, emphasizing the importance of keeping both Chrome and other Chromium-powered browsers up-to-date for enhanced security.
- As a preventative measure in response to the Google Chrome security patch, organizations can implement advanced endpoint protection solutions, such as behavioral detection and intrusion prevention systems, to guard against browser vulnerabilities being exploited.