![]() A full list of changes in this build is available in the null log. Watch out for security update notifications for Microsoft Edge, Brave, Vivaldi or Opera, if these browsers are used.The Stable channel has been updated to 1.129 for Mac,Linux and 1.129/130 to Windows which will roll out over the coming days/weeks. It is unclear if other Chromium-based browsers are also affected by the issue, but it seems likely. ![]() Google Chrome users should update the web browser immediately to patch the issue and protect the web browser against exploits. ![]() CVE-2023-2136 – Integer overflow in the Skia graphics library (Chrome 112).The previously fixed 0-day security issues were: The security issue, CVE-2023-4863, is the fourth 0-day vulnerability that Google patched in Google Chrome in 2023. It is possible that the issue could be exploited by merely opening a website with specially crafted WebP images in Chrome is enough, but that is speculation at this point. While Google offers no additional details on the vulnerability, it does warn users that the issue is exploited in the wild already. ![]() WebP is a common image format on the Internet. Google notes further that WebP images are on average 26% smaller in size compared to PNG images, and between 25% and 34% smaller than JPEG images. WebP is an image format that "provides superior lossless and lossy compression for images on the web" according to Google. The issue, a heap buffer overflow vulnerability in WebP, was reported to Google by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Toronto?s Munk School on September 6, 2023. Google provides information on the critical security issue in Chrome on its official Chrome Releases blog. Google has not yet released the security update for Android Stable, only for Android Early Stable.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |