Google has updated the Stable channel for Chrome to version to 109.0.5414.119 for Mac and Linux and 109.0.5414.119/.120 for Windows. The newest version of the browser includes fixes for six vulnerabilities. Four of the flaws were submitted by external researchers. These include use after free vulnerabilities in WebTransport, WebRTC, and GuestView, and a type confusion vulnerability in ServiceWorker API.
Note
- Practitioner’s note: Remember that Chrome patches are applied automatically when it starts. So for those of you who never close your browser, this is your reminder to do so regularly. (-:
- The update addresses two critical use-after-free flaws, the most severe CVE-2023-0471 has a CVSS score of 8.8. Currently there is no evidence of active exploitation. Good news is, after 2022, we’re all good at deploying Chrome updates. Bad news is, browsers will continue to have flaws, and your users will continue to demand using them as if they don’t.
Read more in
Alex Lim
Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook
