Google Chrome 148 Update Includes 127 Security Patches
Google Releases Chrome 148 with 127 Security Fixes
Google has released Chrome 148 to the stable channel, addressing 127 security issues, including three critical-severity vulnerabilities.
- The update fixes a total of 127 security issues, including three critical-severity vulnerabilities.
- The critical flaws affect the Blink component and involve an integer overflow issue, a use-after-free weakness, and another use-after-free weakness in the Mobile and Chromoting components.
The update also patches over 30 high-severity vulnerabilities, most of which are use-after-free bugs affecting various components such as ANGLE, SVG, DOM, Fullscreen, Views, Aura, GPU, Skia, Passwords, ServiceWorker, Chromoting, WebRTC, PresentationAPI, and MediaRecording.
- The highest bug bounty was paid for an out-of-bounds read and write issue in the V8 JavaScript engine, with a reward of $55,000.
- Other high-severity flaws addressed with the update include a heap buffer overflow in ANGLE, an out-of-bounds memory access in V8, an out-of-bounds read in Fonts, integer overflows in ANGLE and GPU, and insufficient validation of untrusted input in Media.
While most of the addressed vulnerabilities were discovered by Google, the company paid $138,000 in bug bounty rewards to external researchers. The final amount could be higher, as the company has yet to disclose the amounts handed out for many of the resolved issues.
Key Highlights:
- Total of 127 security issues fixed.
- Three critical-severity vulnerabilities patched.
- Over 30 high-severity vulnerabilities addressed.
- Highest bug bounty paid for out-of-bounds read and write issue in V8 JavaScript engine.
Chrome 148 Now Available for Download
The latest Chrome iteration is now rolling out as version 148.0.7778.96 for Linux and as versions 148.0.7778.96/97 for Windows and macOS. This release is part of Google’s ongoing effort to address security vulnerabilities and ensure the stability and reliability of its browser.
About Author
English