Google has recently released Chrome 120 for Windows, Mac, and Linux. This version of Chrome comes with 10 security patches to ensure a safer browsing experience for its users.
The most recent versions of Chrome available to users are 120.0.6099.62 for Linux and macOS and 120.0.6099.62/.63 for Windows.
The most recent version of the Extended Stable channel is 120.0.6099.63 for Windows and 120.0.6099.62 for Mac. The update will be implemented over the next few days and weeks.
Security Vulnerabilities Addressed
Although ten security flaws are fixed overall, Google only lists the flaws external researchers disclose.
A high-severity issue was identified as CVE-2023-6508, used after free in Media Stream. This allowed a remote attacker to possibly exploit heap corruption via a crafted HTML page. Google awarded a $10,000 bounty after Cassidy Kim (@cassidy6564) reported it.
CVE-2023-6509 is a high-severity issue. Use it for free in Side Panel Search. This allowed a remote attacker who enticed a user to perform a specific UI interaction to possibly exploit heap corruption. Khalil Zhani reported this problem, and a bounty of $1,000 was given.
The next issue is tracked as CVE-2023-6510, Use after free in Media Capture, which is a medium-severity issue. After [pwn2car] reported this, a $1,000 bounty was given out.
Inappropriate implementation in Autofill is a low-severity bug identified as CVE-2023-6511. Google awarded a $2000 bounty after Ahmed ElMasry reported this.
A low-severity bug identified as CVE-2023-6512 relates to an inappropriate web browser user interface implementation. Om Apip reported it, and a $1,000 bounty was given out.
How to Update?
To view the most recent version on desktop devices, users of Google Chrome can navigate to Menu > Help > About Google Chrome or type chrome://settings/help into the address bar.
The browser looks for updates as soon as the website is accessed; it downloads and installs any that it finds. It ought to detect and install Chrome 120. To finish the update, the browser must be restarted.
Google recommends that users update to the most recent version of Google Chrome to prevent exploiting vulnerabilities.
.webp "R0bl0ch0n Rogue TDS Impacted Over 110 Million Internet Users")
.webp "LiteSpeed Cache Plugin Flaw Let Attackers Inject Malicious Code, 5M+ Sites Impacted"){kind=small}
.webp "ServiceNow Flaw Let Remote Attackers Execute Arbitrary Code"){kind=small}