Two Chrome updates in two days fix critical vulnerabilities


Updating Chrome is becoming an almost daily task lately. But it’s too important to ignore.

On Wednesday, July 8, Google released another Chrome update, just one day later after the previous one.

Between them, the two updates fixed 27 security vulnerabilities, including two critical flaws that could be exploited to compromise Chrome. Google says both are “use-after-free” memory vulnerabilities, which can sometimes allow attackers to run malicious code. Google has not reported any of these vulnerabilities as being actively exploited.

The Stable channel has been updated to 150.0.7871.114/.115 for Windows and macOS, and 150.0.7871.114 for Linux. The updates will roll out over the coming days and weeks.

Read more…
Source:  MalawareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Why Microsoft just patched a patch that squashed an under-attack Outlook bug

    May 12, 2023

    Microsoft in March fixed an interesting security hole in Outlook that was exploited by miscreants to leak victims’ Windows credentials. This week the IT giant fixed that fix as part of its monthly Patch Tuesday update. To remind you of the original bug, tracked as CVE-2023-23397: it was possible to send someone an email that included ...

  • CISA and FBI Release Joint Advisory in Response to Active Exploitation of PaperCut Vulnerability

    May 11, 2023

    CISA and FBI have released a joint Cybersecurity Advisory (CSA), Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG. This joint advisory provides details related to an exploitation of PaperCut MF/NG vulnerability (CVE-2023-27350). FBI observed malicious actors exploit CVE-2023-27350 beginning in mid-April 2023 and continuing through the present. In early May 2023, FBI observed a ...

  • Two Microsoft Windows bugs under attack, one in Secure Boot with a manual fix

    May 9, 2023

    May’s Patch Tuesday brings some good and some bad news, and if you’re a glass-half-full type, you’d lead off with Microsoft’s relatively low number of security fixes: a mere 38. Your humble vulture, however, is a glass-half-empty-and-who-the-hell-drank-my-whiskey kind of bird, so instead of looking on the bright side, we’re looking at the two Microsoft bugs that ...

  • CISA Releases Two Industrial Control Systems Advisories

    May 9, 2023

    CISA released two Industrial Control Systems (ICS) advisories on May 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-129-02 Hitachi Energy MSM Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Adds One Known Exploited Vulnerability to Catalog  

  • Leaked Private & BootGuard Keys in MSI Cyber Attack Pose Threat to PC Security

    May 8, 2023

    Following a recent cyber attack on MSI’s systems, hackers managed to obtain private keys and Intel BootGuard Keys, according to a warning from respected security firm Binarly. These keys are essential for maintaining the security of a company’s devices and firmware, and the leak could result in severe security compromises. Binarly’s CEO, Alex Matrosov, disclosed on ...

  • Dump these insecure phone adapters because we’re not fixing them, says Cisco

    May 5, 2023

    There is a critical security flaw in a Cisco phone adapter, and the business technology giant says the only step to take is dumping the hardware and migrating to new kit. In an advisory, Cisco this week warned about the vulnerability in the SPA112 2-Port Adapter that, if exploited, could allow a remote attacker to essentially ...