Updating Chrome is becoming an almost daily task lately. But it’s too important to ignore.
On Wednesday, July 8, Google released another Chrome update, just one day later after the previous one.
Between them, the two updates fixed 27 security vulnerabilities, including two critical flaws that could be exploited to compromise Chrome. Google says both are “use-after-free” memory vulnerabilities, which can sometimes allow attackers to run malicious code. Google has not reported any of these vulnerabilities as being actively exploited.
The Stable channel has been updated to 150.0.7871.114/.115 for Windows and macOS, and 150.0.7871.114 for Linux. The updates will roll out over the coming days and weeks.
Read more…
Source: MalawareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Multiple Vulnerabilities in SonicOS
January 8, 2025
SonicWall has released a security advisory to address three high severity vulnerabilities and one medium severity vulnerability in SonicOS. SonicWall appliances are security appliances that provide virtual private network (VPN) and ‘next-gen’ firewall capabilities. Read more… Source: NHS Digital Sign up for our Newsletter Related:
- Multiple Vulnerabilities in Redis
January 7, 2025
Two security advisories have been released to address two vulnerabilities in Redis. Redis is a popular in-memory key-value database that persists on disk. CVE-2024-46981 is a ‘use after free’ vulnerability with a CVSSv3 score of 7.0. If exploited, an authenticated attacker could use a specially crafted Lua script to achieve remote code execution. CVE-2024-51741 is an ...
- What We Know About CVE-2024-49112 and CVE-2024-49113
January 4, 2025
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112, a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113, a denial-of-service (DoS) flaw with a 7.5 CVSS score. This blog entry provides an overview of these two vulnerabilities and includes information that ...
- Google Chrome extensions targeted by hackers to steal user passwords
December 30, 2024
Cyberhaven has confirmed its Google Chrome extension was the subject of a Christmas Eve cyberattack, exposing sensitive customer data like passwords and session tokens. In a statement, the data loss prevention company noted the attack showed signs of being part of a “wider campaign” to target other companies, too. The attack started as many others do ...
- WhatsApp scores historic victory against NSO Group in long-running spyware hacking case
December 23, 2024
A U.S. judge has ruled that Israeli spyware maker NSO Group breached hacking laws by using WhatsApp to infect devices with its Pegasus spyware. In a historic ruling on Friday, a Northern California federal judge held NSO Group liable for targeting the devices of 1,400 WhatsApp users, violating state and federal hacking laws as well as ...
- Cloud Atlas seen using a new tool in its attacks
December 23, 2024
Known since 2014, Cloud Atlas targets Eastern Europe and Central Asia. We’re shedding light on a previously undocumented toolset, which the group used heavily in 2024. Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code. When opened, the document downloads a ...

