ISLAMABAD: Google Chrome has released an emergency security update for its Chrome Browser to address critical vulnerabilities.
The Security Advisory stated that the update, patches CVE-2024-4671, which could allow remote attacker to escape the browser’s sandbox via specially crafted webpages. Another patched vulnerability, CVE-2024-4761, involves an out-of-bound write in Google’s V8 JavaScript engine, also exploitable through crafted webpages.
Keeping Chrome updated is crucial to mitigate these security risks effectively. It has been recommended to safeguard against Chrome vulnerabilities, users shall ensure that their Chrome browser is updated to version 124.0.6367.207 or later by navigating to Setting>About Chrome and relaunching the browser if an update is available.
Another advisory noted that recently, Google has rolled out Android security updates for June 2024 via Google Play protect service, fixing 37 vulnerabilities. These updates are floated in the form of two security patch levels (SPLs) i.e. 2024-06-01 (SPL) to resolve 19 flaws in the framework and system components and 2024-06-05 (SPL) to addresses 18 flaws in Kernel, Imagination Technologies, Arm, MediaTek and Qualcomm components. Additionally, WearOS received patches for 3 vulnerabilities in 2024-06-01 (SPL), while Android AutomotiveOS (AAOS) includes the 2024-06-05 (SPL) fixes.
In view of these, all Android OS users are advised to enable Google Play protect service to receive notifications for the latest updates and ensure that the devices are running the latest security patch level. Also, devices running Android OS are advised to update to latest versions (11 or above).
Copyright Business Recorder, 2024