Chrome 126 Update Patches Vulnerability Exploited at Hacking Competition

June 19, 2024 at 07:21AM Google announced an update to Chrome 126 containing six security fixes, including four high-severity vulnerabilities reported by external researchers. The first bug, CVE-2024-6100, was reported by Seunghyun Lee at the TyphoonPWN 2024 hacking competition, earning a $20,000 bug bounty. The update also addresses other high-severity flaws and is now rolling … Read more

Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own

April 3, 2024 at 07:12AM Google announced a new Chrome update addressing a high-severity CVE-2024-3159 bug, exploited at Pwn2Own 2024. The update also resolves two other vulnerabilities and follows last week’s update fixing CVE-2024-2886 and CVE-2024-2887 flaws. This latest iteration is now rolling out for Windows, macOS, and Linux, and users are advised to update … Read more

Google fixes Chrome zero-days exploited at Pwn2Own 2024

March 27, 2024 at 02:47PM Google fixed two zero-day security vulnerabilities in the Chrome web browser, including type confusion and use-after-free weaknesses exploited during the Pwn2Own Vancouver 2024 hacking competition. The vulnerabilities allowed for remote code execution via crafted HTML pages. The patches were released in Chrome version 123.0.6312.86/.87 for Windows and Mac and 123.0.6312.86 … Read more