niftycent.com
NiftyCent
PL
Login
Rynek
Zniżki

Google fixes high-risk Chrome vulnerabilities with June update

Google has released a security update for its Chrome browser. Two vulnerabilities have been fixed in the new Chrome versions 137.0.7151.103/104 for Windows and macOS and 137.0.7151.103 for Linux. According to Google, none of the vulnerabilities are being exploited for attacks in the wild. The manufacturers of other Chromium-based browsers will follow suit in the coming days.

In the Chrome Releases blog post, Prudhvikumar Bommana lists the two vulnerabilities that were discovered by external security researchers and reported to Google. Google classifies both vulnerabilities as high risk. CVE-2025-5958 is a use-after-free vulnerability in the Media component. If successful, an attacker could inject and execute arbitrary code.

The second vulnerability, CVE-2025-5959, was demonstrated at the TyphoonPWN hacker competition at the end of May, which has been taking place since 2018 as part of the TyphoonCon security conference in Seoul. The vulnerability is once again a type mix-up in the V8 JavaScript engine, which can also be used to execute injected code.

Google has also released Chrome for Android 137.0.7151.89, which fixes the same vulnerabilities in the Android version of the browser as in the desktop versions.

Chrome usually updates itself automatically when a new version is available. But if you aren’t up to the latest version yet, you can manually initiate an update check using the three-dot menu and navigating to Help > About Google Chrome. Google plans to release Chrome version 138 at the end of June.

Other Chromium-based browsers

The manufacturers of other Chromium-based browsers should be following suit with their own updates soon.

Brave and Microsoft Edge have already switched to Chromium 137 and are currently at the security level prior to this Chrome update. Vivaldi once again relies on the Extended Stable Channel of the previous version and is therefore at the same security level as Brave and Edge.

But Opera’s browser still uses the outdated Chromium 134, for which Google no longer provides security updates.

https://www.pcworld.com/article/2811456/google-fixes-high-risk-chrome-vulnerabilities-with-june-update.html

Utworzony 1d | 11 cze 2025, 15:20:14


Zaloguj się, aby dodać komentarz

Inne posty w tej grupie

Imilab C30 Dual review: 2 lenses, 1 smart monitoring solution
Imilab C30 Dual review: 2 lenses, 1 smart monitoring solution
At a glan
12 cze 2025, 19:10:10 | pcworld.com
AMD’s powerful AI chips can finally be unleashed on Windows PCs
AMD’s powerful AI chips can finally be unleashed on Windows PCs

AMD’s hardware teams have tried to redefine AI inferencing with power

12 cze 2025, 19:10:09 | pcworld.com
Vocal backlash forces Wikipedia to pause AI-generated summaries
Vocal backlash forces Wikipedia to pause AI-generated summaries

AI-generated summaries are low-hanging fruit for apps and services th

12 cze 2025, 16:50:11 | pcworld.com
PNY’s new dual USB-A/C flash drive hits an extreme 1,000 MB/s
PNY’s new dual USB-A/C flash drive hits an extreme 1,000 MB/s

Flash drives are kind of dull as a topic, the modern descendant of fl

12 cze 2025, 16:50:10 | pcworld.com
Microsoft throws shade at macOS Tahoe’s familiar new vista
Microsoft throws shade at macOS Tahoe’s familiar new vista

If you peeked over the platform wall at

12 cze 2025, 16:50:09 | pcworld.com
Microsoft’s AI helper, Copilot Vision, is now live
Microsoft’s AI helper, Copilot Vision, is now live

Your PC can now see what you’re looking at on the screen, if you choo

12 cze 2025, 16:50:08 | pcworld.com
Nintendo Switch 2 review: A worthwhile upgrade, just not a big leap
Nintendo Switch 2 review: A worthwhile upgrade, just not a big leap
At a glan
12 cze 2025, 14:30:15 | pcworld.com
Techie
Techie