March 20, 2024 at 08:57AM
Google and Mozilla released web browser security updates addressing dozens of vulnerabilities, including critical and high-severity flaws. Chrome 123 fixes 12 bugs, one high-severity. The update also resolves medium and low-severity vulnerabilities. Google paid $22,000 in bug bounty rewards and released Chrome version 123.0.6312.58 for Linux and versions 123.0.6312.58/.59 for Windows and macOS. Mozilla released Firefox 124 with patches for 12 security defects, including critical-severity memory safety bugs. Additionally, Thunderbird 115.9 and Firefox ESR 115.9 were released with patches for 10 vulnerabilities. Both Google and Mozilla made no mention of any of these vulnerabilities being exploited in the wild.
Based on the meeting notes, here are the key takeaways:
1. Google has released Chrome 123 with patches for 12 bugs, including a critical-severity issue (CVE-2024-2625) in the V8 JavaScript and WebAssembly engine. They also paid out $22,000 in bug bounty rewards to reporting researchers.
2. Mozilla has released Firefox 124 and Thunderbird 115.9 with patches for multiple vulnerabilities, including critical-severity memory safety bugs (CVE-2024-2615) and high-severity issues.
3. Both Google and Mozilla have noted that there is no indication of these vulnerabilities being exploited in the wild.
Let me know if you need more information or if there are any other aspects you would like me to analyze from these meeting notes.