Chrome 120 Update: Critical 0-Day Security Vulnerability Patched

Critical Update: Google Chrome 120 Security Patch Released

Google has just issued an urgent update for its Chrome browser that addresses critical security issues affecting all desktop and Android versions. Among the vulnerabilities patched, one has been actively exploited in the wild, highlighting the importance for users to update immediately.

Why You Should Update Now

Even though Google Chrome typically updates automatically, it’s crucial for users to confirm they are on the latest version, especially due to the presence of a 0-day vulnerability that poses a significant threat.

How to Update Google Chrome

To ensure you are running the latest version of Google Chrome, follow these simple steps:

Open your Chrome browser.
Navigate to chrome://settings/help in the address bar, or click on the Menu icon and select Help > About Google Chrome.
Allow Chrome to check for updates. If an update is available, the browser will automatically download and install it.
Once completed, you will need to restart Chrome to finalize the update.

What Versions Are Affected?

After installing the update, you should see one of the following version numbers listed:

Chrome for Mac: 120.0.6099.234
Chrome for Linux: 120.0.6099.224
Chrome for Windows: 120.0.6099.224 or 120.0.6099.225
Chrome Extended Stable Channel for Mac: 120.0.6099.234
Chrome Extended Stable Channel for Windows: 120.0.6099.225

Details on Security Vulnerabilities

According to the Google Chrome releases blog, three out of the four vulnerable issues have been documented:

High CVE-2024-0517: An out-of-bounds write vulnerability in V8. Reported by Toan (suto) Pham of Qrious Secure on January 6, 2024. Reward: $16,000
High CVE-2024-0518: A type confusion issue within V8. Reported by Ganjiang Zhou (@refrain_areu) of the ChaMd5-H1 team on December 3, 2023. Reward: $1,000
High CVE-2024-0519: An out-of-bounds memory access problem in V8, reported on January 11, 2024. Reward: TBD

Google has confirmed that CVE-2024-0519 is actively being exploited. “Google is aware of reports that an exploit for CVE-2024-0519 exists in the wild,”the company stated. This vulnerability impacts the V8 engine, the JavaScript and WebAssembly engine serving Chrome.

Keep Other Browsers Updated

It’s also important to note that other Chromium-based browsers are susceptible to these issues. Users should check for any security updates available for their browsers to enhance protection and secure their online experiences.

The Importance of Regular Updates

The Chrome 120 Stable version was made public on December 6, 2023, alongside several updates that not only fixed vulnerabilities but also enhanced password sharing features and introduced automatic safety checks. Security is a continuous process; thus, users must maintain vigilance with regular updates.

Conclusion

Please prioritize this update to safeguard your browsing experience against these vulnerabilities. By staying updated, you are taking essential steps toward ensuring your browser’s safety and security.

Now You: Are you running the latest version of Chrome? Don’t wait to make the update!

Additional Insights

1. What does ‘0-day vulnerability’ mean?

A 0-day vulnerability refers to a security flaw that is exploited by attackers before the vendor has an opportunity to issue a patch. This type of vulnerability poses an immediate threat to users.

2. How can I ensure my Chrome updates are automatic?

By default, Google Chrome updates itself automatically when you close and reopen the browser. Ensure that your browser is configured correctly and check the settings under System to verify automatic updates feature is enabled.

3. What should I do if my Chrome isn’t updating?

If your Google Chrome isn’t updating automatically, you can manually check for updates by going to chrome://settings/help. If you face any issues, consider reinstalling Chrome or checking your firewall settings that might be blocking the update process.

Source & Images