Urgent: Update Your Google Chrome or Chromium-Based Browser to Fix 38 Security Flaws If you're a user of Google Chrome or any other Chromium-based browser, it's crucial to update your software immediately. Google has released a new version of Chrome, 128.0.6613.84/.85 for Windows and Mac, and 128.0.6613.84 for Linux, which includes fixes for a total of 38 security vulnerabilities. Among these, eight are classified as "High" severity by Google, as detailed in the Chrome Releases blog post. Each vulnerability is accompanied by information regarding its type, severity, the reward given to the discoverer, and the reporter's identity.

While addressing all these vulnerabilities is essential, one stands out as particularly urgent: a zero-day vulnerability identified as CVE-2024-7971. This flaw is a type confusion issue within Chrome's V8 JavaScript engine. Type confusion arises when a program fails to verify the type of an object before processing it, potentially leading to exploitable vulnerabilities if the object's type is incompatible or incorrect. Google has confirmed the existence of an exploit for this vulnerability in the wild, indicating that it is already being exploited by remote hackers.

The implications of this vulnerability are significant; it does not require an attacker to have physical access to the browser, and the chances of a hacker both being aware of the exploit and targeting your browser, while low, are not zero. Therefore, it is imperative to minimize risk by updating your browser as soon as possible. According to The Hacker News, this is the ninth zero-day vulnerability that Google has tackled in the current year, marking the third time confusion issues have affected the V8 JavaScript engine. Interestingly, the bug was reported by Microsoft Security Response Center, which was awarded $11,000 for identifying the flaw.

Although the remaining 37 vulnerabilities are not zero-day issues and currently have no known active exploits, it is still vital to apply the patches without delay. Now that these vulnerabilities are public knowledge, it's a race against time to prevent malicious actors from finding ways to exploit them. Failing to update your browser leaves you exposed to potential threats. This update is not exclusive to Chrome; it affects all Chromium-based browsers, including Microsoft Edge, Opera, Brave, and Vivaldi.

Users of these browsers are advised to update their software promptly to safeguard against these vulnerabilities. To update Chrome, follow these steps: Click on the three-dot menu in the upper-right corner of the browser window, navigate to Help > About Google Chrome. This will prompt Chrome to search for updates. If an update is available, you can click Relaunch to initiate the installation process. Lifehacker, a trusted source for tech assistance and life advice since 2005, aims to provide reliable tech support and practical, science-based life guidance to enhance your daily living. Our commitment to delivering valuable content is unwavering, and we strive to empower our readers with the knowledge they need to make informed decisions.

Lifehacker is a registered trademark of Ziff Davis, used with permission. Third-party trademarks and trade names displayed on this site do not necessarily indicate any affiliation or endorsement of Lifehacker. By clicking an affiliate link and purchasing a product or service, you may result in a fee being paid to us by the merchant.