Canadian Centre for Cyber Security highlighted critical vulnerabilities addressed by Google on March 5, 2024. The focus is on Chrome for Desktop, urging users to update to versions 122.0.6261.111/.112 for Windows and Mac, and 122.0.6261.111 for Linux. The Stable and Extended Stable channels have been updated accordingly, with specific fixes mentioned, including out-of-bounds memory access and use-after-free issues.
Google acknowledges external researchers who contributed to identifying and reporting these vulnerabilities, emphasizing collaboration to enhance security measures. The update includes three significant fixes, with rewards ranging from $6000 to $12000. The security team at Google employs advanced tools like AddressSanitizer and libFuzzer to detect and address potential threats during the development cycle.
This advisory not only serves as a warning but also encourages users to actively participate in maintaining a secure environment. It concludes by directing users to resources on switching release channels and reporting new issues through bug filing or community forums.
Reference:
