Tech giants Google and Mozilla have rolled out updates for their respective web browsers, Chrome and Firefox, to address several security vulnerabilities. Google’s update targets Chrome, while Mozilla focuses on Firefox. These updates aim to enhance the security and stability of the browsing experience for users worldwide. Users are encouraged to promptly update their browsers to ensure they are protected against potential threats. The patches aim to enhance the security and stability of the browsing experience for users worldwide.
Chrome 122 Security Fixes
Google released Chrome 122 in the stable channel, featuring patches for 12 security defects, with eight reported by external researchers. Among these, Google identified two high-severity flaws, including an out-of-bounds memory access bug in Blink, for which it awarded a $7,000 bug bounty. Another high-severity issue, a use-after-free flaw in Mojo, earned a $5,000 reward. Additionally, Google resolved five medium-severity vulnerabilities, covering areas such as Site Isolation, Content Security Policy, Navigation, Accessibility, and Download policy enforcement. Notably, Google rewarded the highest bug bounty of $8,000 for addressing inappropriate implementation in Site Isolation. The total bounty payout amounted to $28,000.
Firefox 123 Security Updates
Mozilla announced the release of Firefox 123, addressing 12 vulnerabilities categorized into four high-severity, six medium-severity, and two low-severity flaws. High-severity issues included an out-of-bounds memory read in networking channels and memory safety concerns, among others. Medium-severity bugs encompassed potential risks like poisoned local browser caches and unintended permission grants. Notably, Mozilla also released Firefox ESR 115.8 and Thunderbird 115.8, addressing eight of the vulnerabilities found in Firefox, including three high-severity flaws.
Absence of Exploitation in Attacks
Both Google and Mozilla stated that there have been no reports of these vulnerabilities being exploited in attacks. However, the prompt release of patches underscores the proactive approach of these companies in ensuring user safety and security in the online environment.
Also, Read about OpenAI Introduces Sora: Hyper-Realistic Video AI