Google has released an update for its Chrome browser, bringing it to version 120.0.6099.199 on Mac and Linux, and 120.0.6099.199/200 on Windows. The Extended Stable channel has also received updates for Mac and Windows. This update includes fixes for six security issues, with external researchers contributing to the resolution of vulnerabilities such as use-after-free problems in ANGLE and WebAudio, along with a heap buffer overflow in ANGLE. The security fixes are crucial in maintaining the browser’s integrity and protecting users from potential threats.
Notably, the security vulnerabilities addressed in this update were reported by external researchers, highlighting the collaborative effort to enhance the browser’s security. Google acknowledges the contributions of researchers like Toan Pham of Qrious Secure and Huang Xilin of Ant Group Light-Year Security Lab. The company also expresses gratitude to all security researchers who collaborated during the development cycle to identify and address potential security bugs before reaching the stable channel.
In addition to the externally reported issues, Google emphasizes its ongoing internal security efforts, which involve various initiatives such as internal audits, fuzzing, and other security measures. The company employs tools like AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, and AFL to detect and address security bugs proactively. This multi-faceted approach underscores Google’s commitment to maintaining a secure browsing environment for Chrome users.