Google has announced the release of Chrome 129, which is now available on the stable channel for Windows, Mac, and Linux users. This update will be rolled out gradually over the coming days and weeks.
The latest version, Chrome 129.0.6668.58 for Linux and 129.0.6668.58/.59 for Windows and Mac brings a host of improvements and crucial security fixes.
This release’s primary focus is security, addressing nine vulnerabilities that malicious actors could potentially exploit.
Several of these fixes were contributed by external security researchers, highlighting Google’s ongoing collaboration with the cybersecurity community to enhance user safety.
Decoding Compliance: What CISOs Need to Know – Join Free Webinar
Key security issues addressed include:
- CVE-2024-8904: A high-severity type confusion vulnerability in V8, reported by Popax21 on September 8, 2024. This flaw could potentially allow attackers to execute arbitrary code within the context of the browser.
- CVE-2024-8905: A medium-severity inappropriate implementation issue in V8, reported by Ganjiang Zhou of the ChaMd5-H1 team. This vulnerability was identified on August 15, 2024, and has been awarded a bounty of $8,000.
- CVE-2024-8906: An incorrect security UI issue in Downloads, reported by @retsew0x01 on July 12, 2024. This medium-severity flaw received a reward of $2,000.
Other vulnerabilities include insufficient data validation in Omnibox (CVE-2024-8907), inappropriate implementation in Autofill (CVE-2024-8908), and UI issues (CVE-2024-8909), each with varying levels of severity and associated rewards.
Beyond security patches, Chrome 129 introduces several enhancements aimed at improving user experience and performance.
While specific details about new features are yet to be fully disclosed, users can anticipate updates in upcoming Chrome and Chromium blog posts.
Google advises all users to update their browsers to the latest version to benefit from these security enhancements and performance improvements.
Users can check their current version and initiate updates by navigating to “Menu > Help > About Google Chrome” or entering chrome://settings/help in the address bar.
As always, Google maintains restrictions on detailed bug information until a majority of users have updated to ensure user safety and prevent exploitation of these vulnerabilities before they are widely patched.
Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14-day free trial