Google has released the Chrome 150 update, addressing 27 security vulnerabilities, including two that are critically severe. These issues were identified in Chrome’s Ozone and Views components, both discovered by Google last month.
Details of the Chrome Update
The update includes fixes for 13 use-after-free vulnerabilities, with ten classified as high-severity and one as medium-severity. This demonstrates Google’s ongoing commitment to enhancing browser security.
Additional vulnerabilities corrected in this release involve issues such as uninitialized use, integer overflow, and out-of-bounds read and write. The update also addresses problems related to insufficient validation of untrusted input, inappropriate implementation, and inadequate policy enforcement.
Google’s Role in Discovering Flaws
Google’s internal team identified the majority of these security flaws, continuing a trend observed for over two months. Only three vulnerabilities were reported by external researchers, who were awarded $3,000 in bug bounties.
The prevalence of AI in bug detection has led to a decrease in bounty rewards but has significantly increased the number of vulnerabilities being addressed.
Ongoing Security Efforts by Google
Since April, Google has fixed more than 1,400 Chrome vulnerabilities, including many memory safety bugs. Updates in June and July alone resolved over 1,000 issues, reflecting a robust approach to maintaining browser security.
The latest Chrome version, 150.0.7871.114/.115, is available for Windows and macOS, while Linux users can download version 150.0.7871.114.
Related security updates include the patching of 382 vulnerabilities in previous Chrome versions and recommendations to patch other critical software flaws.
Conclusion
This latest update underscores the importance of regular software updates in securing personal and organizational data. Users are encouraged to update to the latest Chrome version to benefit from these critical security enhancements.
