Chrome 127 Improves Cookie Protection on Windows

July 31, 2024 at 09:08AM Google announced improved cookie protections in Chrome 127 for Windows, along with a security update resolving three vulnerabilities. The most serious defect is a critical-severity issue in the open source implementation of the WebGPU standard, and two high-severity bugs were also addressed. Google is rolling out the update and advises … Read more

Google Chrome now asks for passwords to scan protected archives

July 25, 2024 at 11:26AM Google Chrome now features a two-tier warning system for downloaded files using AI-powered malware verdicts. The new warnings provide more information about the potential danger, improving user discretion and protection. Enhanced Protection mode prompts users to enter passwords for deeper scanning, providing extra security and data privacy. These updates aim … Read more

New Chrome Feature Scans Password-Protected Files for Malicious Content

July 25, 2024 at 01:57AM Google is enhancing security in Chrome by adding new warnings for potentially dangerous file downloads. The new warnings convey more detailed information and offer a two-tier warning system based on Google Safe Browsing verdicts. Enhanced Protection mode allows for automatic deep scans without user prompts, while maintaining user privacy by … Read more

Google Chrome now warns about risky password-protected archives

July 24, 2024 at 12:12PM Google Chrome has introduced a two-tier warning system to enhance user protection when downloading potentially risky password-protected files. It employs AI-powered malware verdicts from its Safe Browsing service to quickly assess the risk level of downloaded files. In addition, Enhanced Protection mode prompts users to enter passwords for deeper scan … Read more

Chrome 126 Update Patches Memory Safety Bugs

June 25, 2024 at 03:54AM Google announced a new Chrome security update addressing four high-severity memory safety vulnerabilities. 3 defects were reported by ‘wgslfuzz’ & the 4th by Cassidy Kim. wgslfuzz received a $10,000 reward for CVE-2024-6290 & Kim $4,000 for CVE-2024-6291. The update, version 126.0.6478.126 for Linux and 126.0.6478.126/127 for Windows and macOS, includes … Read more

Google Discovers Fourth Zero-Day in Less Than a Month

May 24, 2024 at 11:42AM Google has addressed a critical high-severity security flaw, CVE-2024-5274, in its Chrome browser. The bug, a type confusion vulnerability in the V8 engine, poses threats such as code execution or access control bypasses. Two researchers, ClĂ©ment Lecigne and Brendon Tiszka, reported the flaw. It marks Google’s fourth zero-day vulnerability this … Read more

Google fixes eighth actively exploited Chrome zero-day this year

May 24, 2024 at 05:36AM Google has released a new emergency security update for Chrome to address the eighth actively exploited zero-day vulnerability. Tracked as CVE-2024-5274, the high-severity ‘type confusion’ flaw in V8, Chrome’s JavaScript engine, can lead to crashes and data corruption. The fix is available for Windows and Mac, with updates for Linux … Read more

Google Patches Fourth Chrome Zero-Day in Two Weeks

May 24, 2024 at 05:09AM Google has released a new Chrome update to fix a high-severity vulnerability, CVE-2024-5274, making it the fourth zero-day patched in two weeks. The exploit exists in the wild, and no bug bounty will be given for its discovery. Google urges users to update to the latest Chrome release, version 125.0.6422.112. … Read more

Google fixes third actively exploited Chrome zero-day in a week

May 16, 2024 at 06:55AM Google issued an emergency Chrome security update to address a zero-day vulnerability, the third exploited in a week. The fix, released for Mac, Windows, and Linux, will automatically update Chrome, but users can verify by going to Help>About Google Chrome. The vulnerability, used in attacks, remains unpublicized as Google maintains … Read more

Google patches third exploited Chrome zero-day in a week

May 15, 2024 at 06:43PM Google released a new emergency Chrome security update to address a third zero-day vulnerability (CVE-2024-4947) exploited in attacks. This high-severity flaw was fixed with the release of version 125.0.6422.60/.61 for Mac/Windows and 125.0.6422.60 for Linux. This is the seventh actively exploited zero-day patched in 2024. Users can ensure they are … Read more