Time to spot: Chrome 120 repairs a 0-day security problem

Google launched an upgrade for its Chrome web internet browser a minute ago that repairs 4 security problems in all desktop variations and in Chrome for Android. Among the patched security problems is made use of in the wild.

Chrome users on desktop systems might upgrade Chrome to the brand-new variation currently. This is done immediately by Chrome, however some users might wish to upgrade the internet browser right away to secure it versus the 0-day vulnerability that is targeted in the wild.

Load chrome:// settings/help in the internet browser’s address bar or choose Menu > > Assistance > > About Google Chrome to open the exact same page. Google Chrome runs a look for updates and will download and set up the security upgrade at this moment. A reboot of the web internet browser is needed to finish the setup of the upgrade.

The Assistance page must note among the following Chrome variations after instalation:

  • Chrome for Mac: 120.0.6099.234
  • Chrome for Linux: 120.0.6099.224
  • Chrome for Windows: 120.0.6099.224 or 120.0.6099.225
  • Chrome Extended Steady Channel for Mac: 120.0.6099.234
  • Chrome Extended Steady Channel for Windows: 120.0.6099.225

Chrome 120 spots a 0-day vulnerability

Chrome 120 Security update

The main Google Chrome launches blog site lists 3 of the 4 security problems that Google attended to in the upgrade on the page. Google does not expose info about internally found security problems on the blog site.

The 3 noted problems consist of the 0-day vulnerability that is made use of in the wild:

  • [$16000][1515930] High CVE-2024-0517: Out of bounds compose in V8. Reported by Toan (suto) Pham of Qrious Secure on 2024-01-06
  • [$1000][1507412] High CVE-2024-0518: Type Confusion in V8. Reported by Ganjiang Zhou( @refrain_areu) of ChaMd5-H1 group on 2023-12-03
  • [$TBD][1517354] High CVE-2024-0519: Out of bounds memory gain access to in V8. Reported by Confidential on 2024-01-11

Google validates that CVE-2025-0519 is made use of in the wild: “Google knows reports that a make use of for CVE-2024-0519 exists in the wild.”

The problem was reported on January 11, 2024 to Google. It impacts V8, which is the JavaScript and WebAssembly engine that Google Chrome utilizes. All 3 noted security problems impact the engine in Chrome.

Other Chromium-based internet browsers are likewise impacted by the problem. Try to find security updates for these internet browsers also to secure them versus prospective attacks on the internet.

Chrome users are motivated to set up the upgrade right away to secure the internet browser versus attacks.

Google launched Chrome 120 Steady on December 6, 2023 to the general public. The upgrade included security updates however likewise password sharing enhancements and presented automated security checks in the internet browser. Extra point updates were launched in the meantime, consisting of on December 13, 2023.

Now You: do you run Chrome?


Time to patch: Chrome 120 fixes a 0-day security issue

Post Call

Time to spot: Chrome 120 repairs a 0-day security problem


Google launched a point upgrade for Chrome 120 a minute ago that spots 4 security problems, among which is made use of in the wild.


Martin Brinkmann


Ghacks Innovation News

Logo Design


Like this post? Please share to your friends:
Leave a Reply

;-) :| :x :twisted: :smile: :shock: :sad: :roll: :razz: :oops: :o :mrgreen: :lol: :idea: :grin: :evil: :cry: :cool: :arrow: :???: :?: :!: