Google has released Chrome 124 in its stable channel, addressing a total of 22 security vulnerabilities. This latest update includes fixes for 13 bugs reported by external researchers, highlighting the company’s ongoing commitment to collaborating with the cybersecurity community to enhance browser security. Among the vulnerabilities patched, three are categorized as high-severity, reflecting their potential impact on users if exploited.
The most severe of these high-severity issues is CVE-2024-3832, an object corruption defect in Chrome’s V8 JavaScript engine, for which Google awarded a $20,000 bug bounty. This particular flaw was identified by Man Yue Mo of the GitHub Security Lab, illustrating the critical role that external researchers play in the security ecosystem. Additionally, other notable high-severity issues include CVE-2024-3833, an object corruption issue in WebAssembly, and CVE-2024-3834, a use-after-free defect in Downloads, with bounties of $10,000 and $3,000, respectively.
This update not only addresses high-severity issues but also resolves six medium-severity and four low-severity problems, contributing to the overall stability and security of the browser. Google disclosed that it has paid out a total of $65,000 in bug bounties for this round of patches, though the final amount could increase as rewards for two of the bugs are still to be determined. This strategic investment in bug bounties underscores the importance of security in software development and maintenance.
Chrome 124 is now available for users on various platforms, including Windows, macOS, and Linux, marking another step in Google’s efforts to ensure a secure browsing experience. The release of such updates is crucial in safeguarding users against potential threats and maintaining trust in Google’s products. As cyber threats continue to evolve, these updates are vital in preventing exploits and protecting user data from unauthorized access.
