With the new Chrome versions 123.0.6312.58/59 for Windows and macOS and 123.0.6312.58 for Linux, released on March 19, Google fixed 12 vulnerabilities in its browser. So far, none of these vulnerabilities have been exploited for attacks. Manufacturers of other Chromium-based browsers have not yet followed suit, but will do so in the near future.
In the Chrome Release Blog, Srinivas Sista lists the seven of the 12 vulnerabilities that were discovered by external security researchers and reported to Google. Google classifies one of these vulnerabilities (CVE-2024-2625) as high risk. It is located in the Javascript engine V8. A further five vulnerabilities are classified as medium risk. One or two of the vulnerabilities could be used to inject and execute code. Google has awarded the discoverers rewards totaling $22,000 USD. Google does not provide any information on internally discovered vulnerabilities.
Chrome 123 does not include any new features. Chrome usually updates itself automatically when a new version is available. You can manually initiate the update check using the ⋮ menu item ” Help ” About Google Chrome. Google has also released Chrome for Android 123.0.6312.40 and Chrome for iOS 123.0.6312.52.
Further reading: 21 Chrome tips to make browsing smoother and faster
Other Chromium-based browsers
The manufacturers of other Chromium-based browsers are now once again required to quickly follow suit with updates. So far, no one has made the switch to Chromium 123. However, Microsoft Edge, Brave, and Vivaldi are at the security level prior to this Chrome update. Opera is still one update behind.
This article was translated from German to English and originally appeared on pcwelt.de.
