US cyber agency warns users to update Chrome to protect against hackers exploiting vulnerabilities


Critical Security Update: Google Chrome Version 125 Released to Fix High-Risk Vulnerabilities

Google Chrome users are urged to check if their browser is updated to the latest version, as older versions are vulnerable to exploitation by malicious actors. Following an emergency security patch, Google has released Chrome version 125, which addresses critical flaws and two additional high-risk vulnerabilities.

The Chrome team has rolled out stable version 125, which includes nine security fixes and various improvements. Users are advised not to delay updating their browsers to ensure their safety online.

Two of the high-risk vulnerabilities identified in Chrome were listed in the US Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities Catalog. Federal agencies have been warned to address these vulnerabilities promptly to mitigate potential risks.

One of the vulnerabilities, labeled CVE-2024-4761, impacts Chrome versions prior to 124.0.6367.207 and involves an “out-of-bounds write” issue in the V8 JavaScript engine. This vulnerability could allow remote attackers to execute malicious code via a crafted HTML page.

The other vulnerability, labeled CVE-2024-4671, poses a sandbox escape risk for attackers who compromise the renderer process. Both vulnerabilities affect multiple Chromium-based browsers, emphasizing the importance of timely updates.

CISA has set deadlines for agencies to address these vulnerabilities, with ‘high-risk’ vulnerabilities requiring resolution within 30 days. Google has released the latest Chrome versions, 125.0.6422.60/.61 on Windows and Mac, and 125.0.6422.60 on Linux, to address these security concerns.

To update Chrome, users can go to Settings and select About Chrome to check for available updates. It is crucial to stay vigilant and ensure that your browser is up to date to protect against potential cyber threats.

Related articles

Recent articles